Alma Communicator

Description

(Palo Alto) Recently, we observed a new version of the Clayslide delivery document used to install a new custom Trojan whose developer calls it “ALMA Communicator”. The delivery document also saved the post-exploitation credential harvesting tool known as Mimikatz, which we believe the threat actors will use to gather account credentials from the compromised system.

Names

Name
Alma Communicator

Type

Backdoor
Tunneling

Information

https://unit42.paloaltonetworks.com/unit42-oilrig-deploys-alma-communicator-dns-tunneling-trojan/
https://unit42.paloaltonetworks.com/dns-tunneling-in-the-wild-overview-of-oilrigs-dns-tunneling/

Malpedia

https://malpedia.caad.fkie.fraunhofer.de/details/win.alma_communicator

Other Information

Uuid

0b467acc-1e16-4e2d-9946-0e84e679c343

Last Card Change

2020-05-13

Threat Intelligence Garden

Explorer

Alma Communicator

Alma Communicator

Description

Names

Category

Type

Information

Malpedia

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks