Kazuar

Description

(Palo Alto) Kazuar is a fully featured backdoor written using the .NET Framework and obfuscated using the open source packer called ConfuserEx.

Kazuar has an extensive command set, many of which are similar in functionality as other backdoor Trojans. However, a few commands specific to Kazuar appear to be unique and are worth further discussion.

Names

Name
Kazuar

Type

Backdoor
Info stealer
Exfiltration
Loader

Information

https://unit42.paloaltonetworks.com/unit42-kazuar-multiplatform-espionage-backdoor-api-access/
https://www.accenture.com/us-en/blogs/cyber-defense/turla-belugasturgeon-compromises-government-entity
https://unit42.paloaltonetworks.com/pensive-ursa-uses-upgraded-kazuar-backdoor/https://unit42.paloaltonetworks.com/pensive-ursa-uses-upgraded-kazuar-backdoor/

Mitre Attack

https://attack.mitre.org/software/S0265/

Malpedia

https://malpedia.caad.fkie.fraunhofer.de/details/win.kazuar

Alienvault Otx

https://otx.alienvault.com/browse/pulses?q=tag:Kazuar

Other Information

Uuid

65bcba1a-e845-438b-9920-72bf6282af32

Last Card Change

2023-11-29

Threat Intelligence Garden

Explorer

Kazuar

Kazuar

Description

Names

Category

Type

Information

Mitre Attack

Malpedia

Alienvault Otx

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks