Excalibur

Description

(Cylance) Saber is a custom RAT that periodically queries a web-based C2 server for commands. The only active instances SPEAR was able to identify were hosted on the Chinese code development site ‘csdn(dot)net’. Kitkiot variants are commonly installed alongside other types of malware and often included additional functionality, including: • Denial of Service (DoS) and Distributed Denial of Service (DDoS) capabilities • The ability to hijack and steal in-game account information and items from multiple online gaming platforms • In some rare cases these were used for click-through advertising fraud.

Names

Name
Excalibur
Sabresac
Saber

Type

Backdoor

Information

https://threatvector.cylance.com/en_us/home/digitally-signed-malware-targeting-gaming-companies.html

Malpedia

https://malpedia.caad.fkie.fraunhofer.de/details/win.excalibur

Other Information

Uuid

7988e6c1-d35e-4a7e-a1b5-5a24c4a4f6ea

Last Card Change

2020-04-23

Threat Intelligence Garden

Explorer

Excalibur

Excalibur

Description

Names

Category

Type

Information

Malpedia

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks