According to FireEye, STEELCORGI is a packer for Linux ELF files that makes use of execution guardrails by sourcing decryption key material from environment variables.
|2022-03-16 ⋅ Mandiant ⋅ |
Have Your Cake and Eat it Too? An Overview of UNC2891
|2021-01-12 ⋅ Yoroi ⋅ |
Opening “STEELCORGI”: A Sophisticated APT Swiss Army Knife
|2020-11-02 ⋅ FireEye ⋅ |
Live off the Land? How About Bringing Your Own Island? An Overview of UNC1945
There is no Yara-Signature yet.