OwlProxy

Description

(ESET) Across the victims and malware we analyzed here, an interesting piece of malware stood out and needed a deeper look. From an initial, quick analysis, it was recognized as OwlProxy, an HTTP proxy server. A complete analysis can be found in this Cycraft post. This module also comes in two variants – 32- and 64-bit versions – and as a result it contains a function to test the Windows version as in the Gelsemium components.

Names

Name
OwlProxy

Category

Malware

Type

  • Tunneling

Information

Malpedia

Other Information

Uuid

47f36fe6-e027-4622-9958-5deb84631ea4

Last Card Change

2021-12-28