Kikothac

Description

(Group-IB) During the first operations the cybercriminals used a third-party patched backdoor Kikothac without access to its source code. They chose a Trojan, which had been known since November 2015, and did not require a lot of time for reverse engineering and back end implementation. The usage of this disassembled backdoor indicates that the group started without preparation and the first operation was a mere attempt to test their capabilities.

Names

Name
Kikothac

Category

Malware

Type

• Backdoor

Information

• https://www.group-ib.com/resources/threat-research/silence_moving-into-the-darkside.pdf

Malpedia

• https://malpedia.caad.fkie.fraunhofer.de/details/win.kikothac

Other Information

Uuid

ac6315b8-395b-4337-935c-feaad4b4dbab

Last Card Change

2020-04-23