EasyNight
Description
FireEye describes EASYNIGHT as a loader observed in use with several malware families, including HIGHNOON and HIGHNOON.LITE. The loader often acts as a persistence mechanism via search order hijacking.
Examples include a patched bcrypt.dll whose only modification is an additional import entry, in the observed case ‘printwin.dll!gzwrite64’; this change breaks the file's signature.
Names
Name |
---|
EasyNight |
Category
Malware
Type
- Loader
Information
Malpedia
Other Information
Uuid
2bf18644-2db8-4740-ac27-914991212366
Last Card Change
2021-04-24