Crowdoor

Description

(Trend Micro) The new backdoor variant, Crowdoor, has been observed to interact with the Cobalt Strike installation, in keeping with Earth Estries’ tools, tactics, and procedures (TTPs) of cleaning up and reinstalling tools. Both instances of Crowdoor and the reinstalled Cobalt Strike were brought in as CAB files by preceding instances.

Names

Name
Crowdoor

Type

Backdoor

Information

https://www.trendmicro.com/en_us/research/24/k/breaking-down-earth-estries-persistent-ttps-in-prolonged-cyber-o.html

Other Information

Uuid

3fdda153-4916-40a6-b401-5c6d9fe7991d

Last Card Change

2024-12-26

Threat Intelligence Garden

Explorer

Crowdoor

Crowdoor

Description

Names

Category

Type

Information

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks