Symbol: elf.caja
Common name: Caja

Actor(s): APT32


Linux malware cross-compiled for x86, MIPS, and ARM. Its strings are XOR-encoded, and it supports 13 C&C commands, including downloading, file modification and execution, and the ability to run shell commands.

References
2022-11-14, Qianxin, Red Raindrop Team: Operation (Đường chín đoạn) typhoon: the cyber sea lotus coveting the nine-dash line in the South China Sea (in Chinese). https://mp.weixin.qq.com/s/pd6fUs5TLdBtwUHauclDOQ (accessed 2022-11-15)
Caja

There is no Yara-Signature yet.