Gcat

Description

A PoC backdoor that uses Gmail as a C&C server

(ESET) [During the Sandworm analysis] We expected to see the BlackEnergy malware as the final payload, but a different malware was used this time. The attackers used modified versions of an open-source gcat backdoor written in the Python programming language. The Python script was converted into a stand-alone executable using the PyInstaller program.

Names

Name
Gcat

Category

Tools

Type

  • Backdoor

Information

Other Information

Uuid

8286cb4e-d89d-444a-a8cb-192e2c0ee479

Last Card Change

2020-04-20