TTPwire Vol. 1 · MITRE ATT&CK · Tagged


SecurityWeek

Sophisticated Deep#Door Backdoor Enables Espionage, Disruption

Ionut Arghire · 5 days ago

ATT&CK techniques detected (6 predictions, with confidence and the supporting excerpt)

- T1497 Virtualization/Sandbox Evasion (68%): "performs environment validation checks to ensure it is not executed in VMs, sandboxes, or analysis environments. For that, it checks for debuggers, specific virtualization artifacts, and behavioral and environmental characteristics. Once active, the backdoor enables shell command…"
- T1572 Protocol Tunneling (59%): "are blocked, and uses public tunneling for covert and resilient communication that blends with legitimate traffic. “Additionally, the combination of multi-layer persistence, advanced defense evasion (AMSI/ETW patching, ntdll unhooking), and in-memory stealth techniques a…"
- T1059.006 Python (40%): "Sophisticated Deep#Door Backdoor Enables Espionage, Disruption. A newly identified stealthy Python-based backdoor framework provides attackers with persistent remote command execution and surveillance capabilities on Windows computers, Securonix reports. The malware’s infect…"
- T1055.001 Dynamic-link Library Injection (37%): "Sophisticated Deep#Door Backdoor Enables Espionage, Disruption. A newly identified stealthy Python-based backdoor framework provides attackers with persistent remote command execution and surveillance capabilities on Windows computers, Securonix reports. The malware’s infect…"
- T1497.001 System Checks (36%): "performs environment validation checks to ensure it is not executed in VMs, sandboxes, or analysis environments. For that, it checks for debuggers, specific virtualization artifacts, and behavioral and environmental characteristics. Once active, the backdoor enables shell command…"
- T1584.002 DNS Server (31%): "are blocked, and uses public tunneling for covert and resilient communication that blends with legitimate traffic. “Additionally, the combination of multi-layer persistence, advanced defense evasion (AMSI/ETW patching, ntdll unhooking), and in-memory stealth techniques a…"

Summary

The stealthy Python-based backdoor framework deploys a persistent Windows implant likely designed for espionage.

The post Sophisticated Deep#Door Backdoor Enables Espionage, Disruption appeared first on SecurityWeek.