Symbol: elf.caja

Caja

Actor(s): APT32


Linux malware cross-compiled for x86, MIPS, and ARM. Its strings are XOR-encoded, and its C&C supports 13 commands, including downloading, file modification and execution, and the ability to run shell commands.

References
2022-11-14, Qianxin, Red Raindrop Team
Operation (Đường chín đoạn) typhoon: the cyber sea lotus coveting the nine-dash line in the South China Sea
Caja

There is no Yara-Signature yet.