CHAIRSMACK

Description

(Mandiant) CHAIRSMACK is a backdoor written in C++ that communicates using HTTP. CHAIRSMACK’s core functionality involves expanding its capabilities by retrieving plugins from a C2 server. Downloaded plugins are cached on disk for future use. Capabilities added via plugins are inferred based on supported backdoor command names. These capabilities include shell command execution, screenshot capture, audio capture, keylogging, file transfer, and file execution.

Names

Name
CHAIRSMACK

Type

Backdoor

Information

https://www.mandiant.com/media/17826

Malpedia

https://malpedia.caad.fkie.fraunhofer.de/details/win.chairsmack

Other Information

Uuid

f6e9b97e-8e22-43a4-9b5d-8b4d7532ee86

Last Card Change

2022-12-27

Threat Intelligence Garden

Explorer

CHAIRSMACK

CHAIRSMACK

Description

Names

Category

Type

Information

Malpedia

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks