httpclient

Description

(CrowdStrike) A simple tool that provides a limited range of functionality and uses HTTP for its C2 channel. This malware also initially performs a connectivity check to www.microsoft.com using the hard-coded user agent Mozilla/4.0 (Compatible; MsIE 6.0;), although in this variant no attempt is made to extract proxy credentials. The malware will then connect to its configured C2 infrastructure (file.anyoffice.info) and perform an HTTP request.

Names

Name
httpclient

Category

Malware

Type

  • Backdoor
  • Downloader

Information

Mitre Attack

Other Information

Uuid

f53a60a0-7988-4ef0-9493-3d22909f6638

Last Card Change

2020-04-22