KARAE
Description
(FireEye) KARAE backdoors are typically used as first-stage malware after an initial compromise. The backdoors can collect system information, upload and download files, and may be used to retrieve a second-stage payload. The malware uses public cloud-based storage providers for command and control.
In March 2016, KARAE malware was distributed through torrent file-sharing websites for South Korean users. During this campaign, the malware used a YouTube video downloader application as a lure.
Names
Name |
---|
KARAE |
Category
Malware
Type
- Reconnaissance
- Backdoor
- Info stealer
- Exfiltration
Information
Mitre Attack
Other Information
Uuid
4ad9ed1b-37c5-4253-9f67-07f705c084a2
Last Card Change
2020-04-23