Sisfader

Description

(NCC Group) The payload installed by the WLL file is not a common RAT. We believe it to be either new or custom. Context Information Security, one of the other industry partners on the UK Cyber Incident Response scheme, has named this RAT Sisfader. We have adopted this name for consistency. It maintains persistence installing itself as a system service and has multiple components.

Names

Name
Sisfader
Sisfader RAT

Type

Backdoor
Info stealer

Information

https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/june/cve-2017-8570-rtf-and-the-sisfader-rat/
https://medium.com/@Sebdraven/gobelin-panda-against-the-bears-1f462d00e3a4

Malpedia

https://malpedia.caad.fkie.fraunhofer.de/details/win.sisfader

Alienvault Otx

https://otx.alienvault.com/browse/pulses?q=tag:Sisfader

Other Information

Uuid

2f42d87f-40c0-463e-8f89-ee1a9f7c8ea9

Last Card Change

2020-05-14

Threat Intelligence Garden

Explorer

Sisfader

Sisfader

Description

Names

Category

Type

Information

Malpedia

Alienvault Otx

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks