DRAWSTRING

Description

(Mandiant) A downloader, which Mandiant tracks as DRAWSTRING, has some internal recon functionality. While primarily providing FIN13 the ability to download and execute arbitrary files, DRAWSTRING will also execute systeminfo.exe and upload that information to a command and control (C2) server.

Names

Name
DRAWSTRING

Type

Downloader
Reconnaissance
Info stealer

Information

https://www.mandiant.com/resources/fin13-cybercriminal-mexico

Other Information

Uuid

aebae8ef-2707-4ad8-9173-415439e38842

Last Card Change

2021-12-26

Threat Intelligence Garden

Explorer

DRAWSTRING

DRAWSTRING

Description

Names

Category

Type

Information

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks