BEATDROP

Description

(Mandiant) BEATDROP is a downloader written in C that makes use of Trello for C2. Once executed, BEATDROP first maps its own copy of ntdll.dll into memory for the purpose of executing shellcode in its own process. BEATDROP first creates a suspended thread with RtlCreateUserThread which points to NtCreateFile.

Names

Name
BEATDROP

Type

Downloader

Information

https://www.mandiant.com/resources/blog/tracking-apt29-phishing-campaigns

Malpedia

https://malpedia.caad.fkie.fraunhofer.de/details/win.beatdrop

Other Information

Uuid

4ddb55da-9631-4eb5-972d-a1627d807f46

Last Card Change

2023-06-22

Threat Intelligence Garden

Explorer

BEATDROP

BEATDROP

Description

Names

Category

Type

Information

Malpedia

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks