KANDYKORN

Description

(Elastic) KANDYKORN is the final stage of this execution chain and possesses a full-featured set of capabilities to access and exfiltrate data from the victim’s computer. Elastic Security Labs was able to retrieve this payload from one C2 server which hadn’t been deactivated yet.

Names

Name
KANDYKORN

Type

Backdoor
Exfiltration

Information

https://www.elastic.co/security-labs/elastic-catches-dprk-passing-out-kandykorn

Malpedia

https://malpedia.caad.fkie.fraunhofer.de/details/osx.kandykorn

Other Information

Uuid

8664953d-3b93-4134-8936-9fdb508474f7

Last Card Change

2024-01-17

Threat Intelligence Garden

Explorer

KANDYKORN

KANDYKORN

Description

Names

Category

Type

Information

Malpedia

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks