Reshell

Description

(Palo Alto) Following the creation of the users and the reconnaissance activity, the attackers attempted to execute a previously undocumented .NET backdoor, which they named windows.exe. We named this threat Reshell based on its program database (PDB) path.

Names

Name
Reshell

Type

Backdoor

Information

https://unit42.paloaltonetworks.com/alloy-taurus-targets-se-asian-government/

Malpedia

https://malpedia.caad.fkie.fraunhofer.de/details/win.reshell

Other Information

Uuid

695b8976-7390-45ec-a406-b8a01202bf8b

Last Card Change

2024-12-27

Threat Intelligence Garden

Explorer

Reshell

Reshell

Description

Names

Category

Type

Information

Malpedia

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks