NetTraveler

Malware updated 6 months ago (2024-05-04T17:38:29.530Z)
NetTraveler is malware that can infect computers and steal personal information. It is usually spread through suspicious downloads, emails, or websites, without the user's knowledge. It can disrupt operations, hold data hostage, and damage computer systems. NetTraveler shares similar tactics, techniques, and procedures (TTPs) with ZeroT infrastructure, and the two malware families have continuously shared the same command-and-control (C&C) domains. As an example, SHA256: 0d6d789d603d6d9ba68131592fd595c4d82c0288be309876d27a53466158b312 was used by many NetTraveler samples from October 2016 to January 2017. In previous years, a China-based attack group used the PlugX and NetTraveler Trojans for espionage in Europe, Russia, Mongolia, Belarus, and other neighboring countries. This activity has been documented and reported on in the past.
Description last updated: 2023-06-23T20:10:37.026Z
Aliases: We are not currently tracking any aliases.
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Source Document References
Information about the NetTraveler Malware was read from the documents corpus below.