Pylot

Description

(Carbon Black) The Pylot (or Travle) malware family appears to be an evolution of the NetTraveler malware family (which has been linked to attackers out of China by numerous sources). Over the last year, a variant has been observed as a secondary payload, often used in conjunction with malicious carrier files (typically MS Office or Rich Text Format (RTF) documents).

The Pylot malware has been observed being installed via shellcode from known CVEs in Office products, as well as by malware loaders (or first-stage malware variants, specifically the CMStar malware family). In late 2017, samples of the Pylot family were submitted by customers to the Carbon Black Threat Analysis Unit (TAU) as part of an ongoing investigation.

Names

Name

  • Pylot
  • Travle

Category

Malware

Type

  • Backdoor
  • Info stealer

Information

AlienVault OTX

Other Information

UUID

f5e66c69-d62f-41cd-88da-fbe2d53d1dd3

Last Card Change

2020-04-20