SnappyTCP (Malware Family)

SYMBOL	COMMON_NAME	aka. SYNONYMS

elf.snappy_tcp (Back to overview)

SnappyTCP

Actor(s): Sea Turtle

According to PwC, SnappyTCP is a simple reverse shell for Linux/Unix systems, with variants for plaintext and TLS communication. SeaTurtle has used SnappyTCP at least between 2021 and 2023.

References

2024-01-05 ⋅ HUNT & HACKETT ⋅ Hunt & Hackett Research Team
Turkish espionage campaigns in the Netherlands
SnappyTCP

2023-12-27 ⋅ StrikeReady ⋅ StrikeReady Labs
Pivoting through a Sea of indicators to spot Turtles
SnappyTCP

2023-12-05 ⋅ PWC ⋅ PwC Threat Intelligence
The Tortoise and The Malwahare
SnappyTCP

There is no Yara-Signature yet.

SnappyTCP Propose Change

References

SnappyTCP