CMD365
Description
(SentinelLabs) The main functionality of CMD365 is to execute commands from a C2 hosted on a Microsoft 365 Mail instance. This capability was used to conduct a variety of activities, such as reconnaissance, privilege escalation, staging of additional malware, and data exfiltration.
Names
| Name |
|---|
| CMD365 |
Category
Malware
Type
- Backdoor
Information
Other Information
Uuid
ced9033b-40f7-435d-bdb7-2c63dc76e452
Last Card Change
2023-02-17