PHOREAL

Description

(Cylance) Rizzo is a very simple backdoor that is capable of creating a reverse shell, performing simple file I/O and top-level window enumeration. It communicates to a list of four preconfigured C2 servers via ICMP on port 53.

Names

Name
PHOREAL
Rizzo

Type

Backdoor

Information

https://www.cylance.com/content/dam/cylance-web/en-us/resources/knowledge-center/resource-library/reports/SpyRATsofOceanLotusMalwareWhitePaper.pdf

Mitre Attack

https://attack.mitre.org/software/S0158/

Malpedia

https://malpedia.caad.fkie.fraunhofer.de/details/win.phoreal

Alienvault Otx

https://otx.alienvault.com/browse/pulses?q=tag:PHOREAL

Other Information

Uuid

debf2ce2-bb35-478d-b77a-6ed8ac297c97

Last Card Change

2020-04-23

Threat Intelligence Garden

Explorer

PHOREAL

PHOREAL

Description

Names

Category

Type

Information

Mitre Attack

Malpedia

Alienvault Otx

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks