Elise

Description

(Palo Alto) We believe that the Lotus Blossom group developed the Elise malware specifically to meet the needs of the attack campaigns, and we’ve observed three variants across 50 samples during the three-year period of these attacks. Elise is a relatively sophisticated tool, including variants with the ability to evade detection in virtual environments, connect to command-and-control servers for additional instruction, and exfiltrate data.

Names

Name
Elise
BKDR_ESILE
EVILNEST
Page

Type

Backdoor
Exfiltration

Information

https://unit42.paloaltonetworks.com/operation-lotus-blossom/
https://www.accenture.com/t20180127T003755Z__w__/us-en/_acnmedia/PDF-46/Accenture-Security-Dragonfish-Threat-Analysis.pdf
https://researchcenter.paloaltonetworks.com/2016/02/emissary-trojan-changelog-did-operation-lotus-blossom-cause-it-to-evolve/
https://www.joesecurity.org/blog/8409877569366580427

Mitre Attack

https://attack.mitre.org/software/S0081/

Malpedia

https://malpedia.caad.fkie.fraunhofer.de/details/win.elise

Other Information

Uuid

f16f218c-6241-45d3-a9e3-9c4551aab26d

Last Card Change

2022-12-30

Threat Intelligence Garden

Explorer

Elise

Elise

Description

Names

Category

Type

Information

Mitre Attack

Malpedia

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks