HyperStack

Description

(Accenture) HyperStack, first observed in 2018, is one of several RPC backdoors Turla uses. A sample identified in September 2020 has updated functionality which appears to be inspired the RPC backdoors previously publicly disclosed by ESET and Symantec Researchers as well as with the Carbon backdoor. Based on these similarities, we assess with high confidence that HyperStack is a custom Turla backdoor.

Names

Name
HyperStack
GoldenSky
SilentMoon
Turla SilentMoon
BigBoss
Cacao

Type

Backdoor

Information

https://www.accenture.com/us-en/blogs/cyber-defense/turla-belugasturgeon-compromises-government-entity
https://www.pwc.co.uk/cyber-security/pdf/pwc-cyber-threats-2020-a-year-in-retrospect.pdf

Mitre Attack

https://attack.mitre.org/software/S0537/

Malpedia

https://malpedia.caad.fkie.fraunhofer.de/details/win.turla_silentmoon

Other Information

Uuid

f1280fc8-feb4-4480-ac03-2ce589fece0a

Last Card Change

2022-12-30

Threat Intelligence Garden

Explorer

HyperStack

HyperStack

Description

Names

Category

Type

Information

Mitre Attack

Malpedia

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks