BeaconLoader

Description

(Positive Technologies) BeaconLoader is uploaded using DLL Hijacking. At the first stage, the library receives the addresses of the functions and libraries necessary for its operation. Then, it checks the name of the parent process and the privilege type (for further work, the SYSTEM type and names msdtc.exe, msdtc.exe.mui, and vmtoolsd.exe are required).

Names

Name
BeaconLoader

Type

Loader

Information

https://www.ptsecurity.com/ww-en/analytics/pt-esc-threat-intelligence/new-apt-group-chamelgang/

Other Information

Uuid

93c315eb-5c5a-4e9c-8b31-14216ff9a407

Last Card Change

2021-11-02

Threat Intelligence Garden

Explorer

BeaconLoader

BeaconLoader

Description

Names

Category

Type

Information

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks