FoundCore
Description
(Kaspersky) Communications with the server can take place either over raw TCP sockets encrypted with RC4, or via HTTPS. Commands supported by FoundCore include filesystem manipulation, process manipulation, screenshot captures and arbitrary command execution.
Names
| Name |
|---|
| FoundCore |
| RainyDay |
Category
Malware
Type
- Backdoor
- Info stealer
Information
- https://securelist.com/the-leap-of-a-cycldek-related-threat-actor/101243/
- https://www.bitdefender.com/files/News/CaseStudies/study/396/Bitdefender-PR-Whitepaper-NAIKON-creat5397-en-EN.pdf
Other Information
Uuid
fd134b1c-5367-4606-a171-2ab6a45ef77f
Last Card Change
2021-05-15