FunnySwitch
Description
(Trend Micro) FunnySwitch is a .NET Framework backdoor that usually starts with the “MITRE – Hijack Execution Flow: DLL Search Order Hijacking” technique and executes inside a legal process that was mentioned and analyzed by Positive Technologies in 2020.
Names
| Name |
|---|
| FunnySwitch |
| RouterGod |
Category
Malware
Type
- Loader
- Backdoor
Information
- https://www.trendmicro.com/content/dam/trendmicro/global/en/research/22/a/earth-lusca-employs-sophisticated-infrastructure-varied-tools-and-techniques/technical-brief-delving-deep-an-analysis-of-earth-lusca-operations.pdf
- https://www.ptsecurity.com/ww-en/analytics/pt-esc-threat-intelligence/higaisa-or-winnti-apt-41-backdoors-old-and-new/
Malpedia
Other Information
Uuid
21b1dd5b-e372-44eb-a8c9-e9d6626d8ced
Last Card Change
2022-12-27