UNAPIMON

Description

(Trend Micro) Looking at the behavior of UNAPIMON and how it was used in the attack, we can infer that its primary purpose is to unhook critical API functions in any child process. For environments that implement API monitoring through hooking such as sandboxing systems, UNAPIMON will prevent child processes from being monitored. Thus, this malware can allow any malicious child process to be executed with its behavior undetected.

Names

Name
UNAPIMON

Type

Loader

Information

https://www.trendmicro.com/en_us/research/24/d/earth-freybug.html

Other Information

Uuid

7716ab81-7d3d-4bb6-a614-4d51a273bb3c

Last Card Change

2024-04-22

Threat Intelligence Garden

Explorer

UNAPIMON

UNAPIMON

Description

Names

Category

Type

Information

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks