XDDown

Description

(ESET) XDDown is nothing but a downloader – hence our chosen name. This architecture choice is quite different from what we see in other APT malware frameworks, which tend to be quite complex with a whole set of backdoor commands and a logging mechanism. On one hand, the XDSpy approach is easier to develop but, on the other hand, it is much less flexible for the operators as a new binary needs to be built, downloaded and executed to perform any action on the compromised machine.

Names

Name
XDDown

Type

Downloader

Information

https://vblocalhost.com/uploads/VB2020-Faou-Labelle.pdf

Other Information

Uuid

ab6d109c-f316-4be7-9c50-d765ab3be7a7

Last Card Change

2020-10-19

Threat Intelligence Garden

Explorer

XDDown

XDDown

Description

Names

Category

Type

Information

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks