TDTESS
Description
(ClearSky) TDTESS is a 64-bit .NET binary backdoor that provides a reverse shell with an option to download and execute files. It routinely calls in to the command and control server for new instructions using basic authentication. Commands are sent via a web page. The malware creates a stealth service, which will not show on the service manager or other tools that enumerate services from WINAPI or Windows Management Instrumentation.
Names
Name |
---|
TDTESS |
Category
Malware
Type
- Backdoor
- Info stealer
- Downloader
Information
Mitre Attack
Malpedia
Other Information
Uuid
c5b4a58f-1972-434b-bc58-b018be0f8276
Last Card Change
2020-04-23