Bateleur
Description
(Proofpoint) Proofpoint researchers have uncovered that the threat actor commonly referred to as FIN7 has added a new JScript backdoor called Bateleur and updated macros to its toolkit. We have observed these new tools being used to target U.S.-based chain restaurants, although FIN7 has previously targeted hospitality organizations, retailers, merchant services, suppliers and others. The new macros and Bateleur backdoor use sophisticated anti-analysis and sandbox evasion techniques as they attempt to cloak their activities and expand their victim pool.
Names
Name |
---|
Bateleur |
Category
Malware
Type
- Backdoor
Information
Malpedia
AlienVault OTX
Other Information
UUID
86819334-1338-4ce0-a221-c599a1bf9763
Last Card Change
2020-04-23