EYE

Description

(Palo Alto) The actor uses the EYE tool as a failsafe while they are logged into the system via RDP, as the tool will kill all processes created by the actor and remove other identifying artifacts if a legitimate user logs in.

Names

Name
EYE

Type

Backdoor

Information

https://unit42.paloaltonetworks.com/xhunt-campaign-attacks-on-kuwait-shipping-and-transportation-organizations/

Other Information

Uuid

105f72de-dce0-48cd-bffc-501f57111e88

Last Card Change

2020-04-29

Threat Intelligence Garden

Explorer

EYE

EYE

Description

Names

Category

Type

Information

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks