DoubleT

Description

(Kaspersky) This quarter, we described another CactusPete attack campaign which started in December 2019. In this campaign, the CactusPete threat actor used a new method to drop an updated version of the DoubleT backdoor onto the computers. The attackers implanted a new dropper module in the Microsoft Word Startup directory, most likely through a malicious document. This malicious dropper is responsible for dropping and executing a new version of the DoubleT backdoor, which utilizes a new method of encrypting the C2 server address.

Names

Name
DoubleT

Category

Malware

Type

  • Backdoor

Information

Other Information

Uuid

7d9b876d-91be-4e71-8df8-2846e28233ac

Last Card Change

2020-07-30