BIFROST

Description

(Talos) Bifrost is a backdoor with more than 10 variants. Bifrost uses the typical server, server builder, and client backdoor program configuration to allow a remote attacker, who uses the client, to execute arbitrary code on the compromised machine. Bifrost contains standard RAT features including a file manager, screen capture utility, keylogging, video recording, microphone and camera monitoring, and a process manager. In order to mark its presence in the system, Bifrost uses a mutex that may be named ‘Bif1234,’ or ‘Tr0gBot.‘

Names

Name
BIFROST
elf.bifrose

Type

Backdoor
Keylogger
Info stealer

Information

https://blog.talosintelligence.com/2019/03/threat-roundup-for-feb-22-to-march-1.html
https://teamt5.org/tw/posts/technical-analysis-on-backdoor-bifrost-of-the-Chinese-apt-group-huapi/
https://unit42.paloaltonetworks.com/new-linux-variant-bifrost-malware/

Malpedia

https://malpedia.caad.fkie.fraunhofer.de/details/elf.bifrost

Other Information

Uuid

de095ac7-5aa3-41b1-8ea2-18ef7160715c

Last Card Change

2024-03-07

Threat Intelligence Garden

Explorer

BIFROST

BIFROST

Description

Names

Category

Type

Information

Malpedia

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks