YamaBot

Description

(JPCERT/CC) YamaBot malware communicates with C2 servers using HTTP requests. The following is a list of function names included in the sample that targets Windows OS. It is the attacker that named the malware as Yamabot. Those targeting Windows OS have functions specific to it, such as creating and checking Mutex.

Names

Name
YamaBot
Kaos

Type

Backdoor

Information

https://blogs.jpcert.or.jp/en/2022/07/yamabot.html

Malpedia

https://malpedia.caad.fkie.fraunhofer.de/details/win.yamabot

Other Information

Uuid

f32f2905-4201-428e-974d-7e3d2b7dc53c

Last Card Change

2022-12-28

Threat Intelligence Garden

Explorer

YamaBot

YamaBot

Description

Names

Category

Type

Information

Malpedia

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks