RotaJakiro is a stealthy Linux backdoor which remained undetected between 2018 and 2021.
The malware uses rotating encryption to protect both the resource information embedded in the sample and its C2 communication, combining AES, XOR and ROTATE encryption with ZLIB compression.
2021-05-06 ⋅ 360 netlab ⋅ RotaJakiro, the Linux version of the OceanLotus
2021-04-29 ⋅ DomainTools ⋅ DomainTools And Digital Archeology: A Look At RotaJakiro
2021-04-28 ⋅ 360 netlab ⋅ RotaJakiro: A long live secret backdoor with 0 VT detection
There is no Yara-Signature yet.