TERA

Description

(FireEye) TERA is a backdoor that uses legitimate services, such as Google Translate and Yahoo! Babel Fish, as proxies to download C&C configurations. It also uses a rootkit to mask network activity. After resolving the IP address of its C&C server, TERA will provide an input/output control (IOCTL) code to its driver (rootkit component).

Names

Name
TERA

Category

Malware

Type

  • Backdoor

Information

Other Information

Uuid

77b5fbe8-2a9e-4e60-8f9f-94b1b07b0daf

Last Card Change

2020-04-20