TDTESS

Description

(ClearSky) TDTESS is 64-bit .NET binary backdoor that provides a reverse shell with an option to download and execute files. It routinely calls in to the command and control server for new instructions using basic authentication. Commands are sent via a web page. The malware creates a stealth service, which will not show on the service manager or other tools that enumerate services from WINAPI or Windows Management Instrumentation.

Names

Name
TDTESS

Type

Backdoor
Info stealer
Downloader

Information

https://www.clearskysec.com/wp-content/uploads/2017/07/Operation_Wilted_Tulip.pdf

Mitre Attack

https://attack.mitre.org/software/S0164/

Malpedia

https://malpedia.caad.fkie.fraunhofer.de/details/win.tdtess

Other Information

Uuid

c5b4a58f-1972-434b-bc58-b018be0f8276

Last Card Change

2020-04-23

Threat Intelligence Garden

Explorer

TDTESS

TDTESS

Description

Names

Category

Type

Information

Mitre Attack

Malpedia

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks