Crutch

Description

(ESET) We were able to capture some of the commands sent by the operators to several Crutch v3 instances, which is helpful to understand the goal of the operation. The operators were mainly doing reconnaissance, lateral movement and espionage. The main malicious activity is the staging, compression and exfiltration of documents and various files, as shown in Figure 1. These are commands manually executed by the operators, thus not showing the automated collection of documents by the drive monitor component described in a later section.

Names

Name
Crutch

Type

Reconnaissance
Backdoor
Exfiltration

Information

https://www.welivesecurity.com/2020/12/02/turla-crutch-keeping-back-door-open/

Mitre Attack

https://attack.mitre.org/software/S0538/

Malpedia

https://malpedia.caad.fkie.fraunhofer.de/details/win.crutch

Other Information

Uuid

f1fccfe7-45d8-4a18-ac92-ef5aca3809a7

Last Card Change

2022-12-30

Threat Intelligence Garden

Explorer

Crutch

Crutch

Description

Names

Category

Type

Information

Mitre Attack

Malpedia

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks