Tofu Backdoor

Description

(Cylance) Based upon Cylance’s observations, the Tofu Backdoor was deployed in far fewer instances than the Ham Backdoor. It is a proxy-aware, fully-featured backdoor programmed in C++ and compiled using Visual Studio 2015. The Tofu backdoor makes extensive use of threading to perform individual tasks within the code. It communicates with its C2 server through HTTP over nonstandard TCP ports, and will send encoded information containing basic system information back, including hostname, username, and operating system within the content of the POST.

Names

Name
Tofu Backdoor

Type

Reconnaissance
Backdoor

Information

https://threatvector.cylance.com/en_us/home/the-deception-project-a-new-japanese-centric-threat.html

Other Information

Uuid

385b9f04-1c85-407b-882f-3a0f08857a3b

Last Card Change

2020-04-20

Threat Intelligence Garden

Explorer

Tofu Backdoor

Tofu Backdoor

Description

Names

Category

Type

Information

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks