Md_client

Description

(Bitdefender) This component uses UDP and port 53 to communicate with the C&C server and is capable of:

  • Collecting system information like computer name, user name, OS version, processor architecture
  • Creating a remote shell by running a cmd.exe with stdin/stdout/stderr “connected” to the C&C
  • Sending the Logical Drive Strings
  • Listing a directory
  • Uploading and downloading a file
  • Deleting a directory
  • Executing a command using ShellExecuteW
  • Executing a command using CreateDesktop (“mydktop1”) and CreateProcess

Names

Name
Md_client

Category

Malware

Type

  • Reconnaissance
  • Backdoor
  • Downloader
  • Exfiltration

Information

Other Information

Uuid

334f29bc-e758-4e35-ac9b-d35e4d4e5179

Last Card Change

2021-01-06