Salgorea

Description

(Accenture) This backdoor is commonly dropped by either an SFX or an exploit document (e.g. Microsoft Corp. Word or PDF file).

Some of this backdoor’s observed capabilities include:

  • Arbitrary file, process and registration creation
  • Fingerprinting the local machine
  • Running arbitrary shellcode

Once dropped, it is usually divided into multiple components in order to be side-loaded, in a fashion similar to other remote access tools including PlugX and NetTraveler.

Names

  • Salgorea
  • BadCake

Category

Malware

Type

  • Reconnaissance
  • Backdoor

Information

Malpedia

Other Information

Uuid

a4e1fbba-2e37-453c-b688-420e2bb03cdd

Last Card Change

2020-04-23