BUSTEDPIPE
Description
(Mandiant) In the same investigation where FIN13 has used wmiexec.vbs, Mandiant has also observed the actor use a custom JSP web shell tunneler named BUSTEDPIPE to facilitate lateral movement via web requests.
Names
Name |
---|
BUSTEDPIPE |
Category
Malware
Type
- Remote command
Information
Other Information
Uuid
cd757755-d4d2-4ce2-a806-50cf443d4f62
Last Card Change
2021-12-26