NachoCheese

Description

According to FireEye, NACHOCHEESE is a command-line tunneler that accepts delimited C&C IPs or domains via command-line and gives actors shell access to a victim’s system.

Names

Name
NachoCheese
NACHOCHEESE
Cyruslish
TWOPENCE
VIVACIOUSGIFT

Type

Backdoor
Tunneling

Information

https://blog.lexfo.fr/ressources/Lexfo-WhitePaper-The_Lazarus_Constellation.pdf
https://us-cert.cisa.gov/ncas/analysis-reports/ar20-239b
https://baesystemsai.blogspot.com/2017/02/lazarus-false-flag-malware.html
https://www.fireeye.com/content/dam/fireeye-www/current-threats/pdfs/pf/apt/rpt-apt38-2018.pdf
https://www.welivesecurity.com/2017/02/16/demystifying-targeted-malware-used-polish-banks/

Malpedia

https://malpedia.caad.fkie.fraunhofer.de/details/win.nachocheese

Other Information

Uuid

5be3507d-33e7-4c7b-bf47-de35732f280a

Last Card Change

2022-12-29

Threat Intelligence Garden

Explorer

NachoCheese

NachoCheese

Description

Names

Category

Type

Information

Malpedia

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks