GRILLMARK

Description

This is a proxy-aware HTTP backdoor that is implemented as a service and uses the compromised system’s proxy settings to access the internet. C&C traffic is base64 encoded and the files sent to the server are compressed with aPLib.

Names

Name
GRILLMARK
Hellsing Backdoor

Category

Malware

Type

• Backdoor

Information

• https://docplayer.net/5013762-Fireeye-threat-intelligence-southeast-asia-an-evolving-cyber-threat-landscape-security-reimagined-march-2015.html

Malpedia

• https://malpedia.caad.fkie.fraunhofer.de/details/win.grillmark

Other Information

Uuid

68cce88d-0ccf-4693-acc9-218462c84e67

Last Card Change

2021-04-24