CROWVIEW

Description

(Mandiant) BIRDWATCH is often referred to collectively as “JSSLoader”; however, multiple variations of BIRDWATCH exist which we track as separate code families. One variant of BIRDWATCH is CROWVIEW, which is also .NET-based, but has enough code differences from prototypical BIRDWATCH that we cluster it separately. Unlike BIRDWATCH, CROWVIEW can house an embedded payload, can self-delete, supports additional arguments and stores a slightly different configuration.

Names

Name
CROWVIEW

Type

Loader

Information

https://www.mandiant.com/resources/evolution-of-fin7

Other Information

Uuid

9f1c6ccf-8a41-44d2-95c6-d1a9cf9acc20

Last Card Change

2022-04-05

Threat Intelligence Garden

Explorer

CROWVIEW

CROWVIEW

Description

Names

Category

Type

Information

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks