elf.gokcpdoor

gokcpdoor


According to LAC, this malware is written in Go and was observed in 2022, used by an unknown China-based APT across several incidents in Japan. The backdoor has 20 commands and connects to its C2 servers via KCP over UDP.

References
2023-09-24 | Virus Bulletin | Takuma Matsumoto, Yoshihiro Ishikawa
Let's GO Door with KCP
gokcpdoor

There is no Yara-Signature yet.