Ketrum

Description

(Intezer) The three samples we discovered seem to be a mix of the Ketrican and Okrum backdoors documented by researchers at ESET in 2019. Features have been merged from these two malware families to create a different RAT class for the group. We’ve decided to call this umbrella of malware “Ketrum.”

The new samples we found continue the Ke3chang group’s strategy of using a basic backdoor to gain control over the victim’s device, so that an operator can then connect to it and run commands manually to conduct further operations.

Names

Name
Ketrum

Category

Malware

Type

  • Backdoor
  • Info stealer
  • Exfiltration

Information

Malpedia

AlienVault OTX

Other Information

Uuid

93db3d8b-4060-4a36-b6ed-ee3aa8797752

Last Card Change

2021-04-24