GraphSteel
Description
(SOC Investigation) GraphSteel features:
- Gather hostname, username, and IP address information
- Execute commands
- Steal account credentials
- Use WebSocket and GraphQL to communicate with C2 using AES and base64 encryption
Names
Name |
---|
GraphSteel |
Elephant Client |
Category
Malware
Type
- Reconnaissance
- Backdoor
- Credential stealer
Information
- https://www.socinvestigation.com/ukraines-cert-warns-russian-threat-actors-for-fake-av-updates/
- https://blog.malwarebytes.com/threat-intelligence/2022/04/new-uac-0056-activity-theres-a-go-elephant-in-the-room/
Malpedia
Other Information
Uuid
a332e2dd-65f4-46e9-8138-de9ae3ed7e50
Last Card Change
2022-12-27