BUSTEDPIPE

Description

(Mandiant) In the same investigation where FIN13 has used wmiexec.vbs, Mandiant has also observed the actor use a custom JSP web shell tunneler named BUSTEDPIPE to facilitate lateral movement via web requests.

Names

Name
BUSTEDPIPE

Category

Malware

Type

  • Remote command

Information

Other Information

Uuid

cd757755-d4d2-4ce2-a806-50cf443d4f62

Last Card Change

2021-12-26