zhCat

Description

(Cylance) zhCat is a tool developed by the Operation Cleaver team which operates similarly to NetCat. Its main purpose is to create a channel that is capable of transporting information over the network. The changes made in zhCat allow for this information to be transferred with inline obfuscation and/or encryption. This makes it more difficult to detect that privileged information is being exfiltrated.

Names

Name
zhCat

Type

Tunneling

Information

https://www.cylance.com/content/dam/cylance/pages/operation-cleaver/Cylance_Operation_Cleaver_Report.pdf

Malpedia

https://malpedia.caad.fkie.fraunhofer.de/details/win.zhcat

Other Information

Uuid

a3f17fa7-c340-412a-b10c-c4ab6a990622

Last Card Change

2020-05-14

Threat Intelligence Garden

Explorer

zhCat

zhCat

Description

Names

Category

Type

Information

Malpedia

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks