WINTERLOVE

Description

(FireEye) WINTERLOVE is a backdoor used by suspected Chinese cyber espionage actors. WINTERLOVE attempts to load and execute remote code in a running process and can enumerate system files and directories.

Names

Name
WINTERLOVE

Type

Reconnaissance
Backdoor

Information

https://paper.bobylive.com/Security/APT_Report/APT-41.pdf

Other Information

Uuid

f4083b38-7b04-46da-9ad4-5eed72a03841

Last Card Change

2020-04-20

Threat Intelligence Garden

Explorer

WINTERLOVE

WINTERLOVE

Description

Names

Category

Type

Information

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks