BRICKSTORM

Description

(NVISO) BRICKSTORM provides attackers with file manager and network tunneling capabilities. As a notable difference to Mandiant’s BRICKSTORM report, the Windows samples discussed here are not equipped with command execution capabilities. Instead, adversaries have been observed using network tunneling capabilities in combination with valid credentials to abuse well-known protocols such as RDP or SMB, thus achieving similar command execution.

Names

Name
BRICKSTORM

Category

Malware

Type

  • Backdoor

Information

Other Information

Uuid

2ff0480c-1ac8-4d42-83a7-3576948e3cbd

Last Card Change

2025-04-21