HOOKSHOT

Description

(Mandiant) HOOKSHOT is a tunneler that leverages a statically linked implementation of OpenSSL to communicate back to its C2. While it connects over TCP, it does not make use of a client certificate for encryption.

Names

Name
HOOKSHOT

Type

Tunneling

Information

https://www.mandiant.com/resources/blog/lightshow-north-korea-unc2970

Other Information

Uuid

76d5c402-eb81-4a1f-be61-6b9a3d5357b4

Last Card Change

2023-04-25

Threat Intelligence Garden

Explorer

HOOKSHOT

HOOKSHOT

Description

Names

Category

Type

Information

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks