TDTESS

Description

(ClearSky) TDTESS is a 64-bit .NET binary backdoor that provides a reverse shell with an option to download and execute files. It routinely calls in to the command and control server for new instructions using basic authentication. Commands are sent via a web page. The malware creates a stealth service, which will not show in the service manager or other tools that enumerate services from WINAPI or Windows Management Instrumentation.

Names

Name
TDTESS

Category

Malware

Type

  • Backdoor
  • Info stealer
  • Downloader

Information

Mitre Attack

Malpedia

Other Information

Uuid

c5b4a58f-1972-434b-bc58-b018be0f8276

Last Card Change

2020-04-23