SYMBOLCOMMON_NAMEaka. SYNONYMS
elf.xagent (Back to overview)

X-Agent

aka: splm, chopstick, fysbis

Actor(s): APT28

There is no description at this point.

References
2020-09-10Kaspersky LabsGReAT
An overview of targeted attacks and APTs on Linux
Cloud Snooper Dacls DoubleFantasy MESSAGETAP Penquin Turla Tsunami elf.wellmess X-Agent
2020-01-01SecureworksSecureWorks
IRON TWILIGHT
X-Agent X-Agent X-Agent Computrace HideDRV Sedreco Seduploader X-Agent XTunnel Zebrocy Zebrocy (AutoIT)
2018-02-20Kaspersky LabsGReAT
A Slice of 2017 Sofacy Activity
X-Agent Seduploader X-Agent Zebrocy Zebrocy (AutoIT) APT28
2017-02-20Contagio DumpMila Parkour
Part I. Russian APT - APT28 collection of samples including OSX XAgent
X-Agent Komplex Coreshell Downdelph HideDRV SEADADDY Sedreco Seduploader X-Agent XTunnel
2016-10-20ESET ResearchESET Research
En Route with Sednit Part 2: Observing the Comings and Goings
X-Agent Sedreco X-Agent XTunnel
2016-06-15CrowdStrikeDmitri Alperovitch
Bears in the Midst: Intrusion into the Democratic National Committee
X-Agent ATI-Agent SEADADDY Seduploader X-Agent XTunnel APT28
2016-02-12Palo Alto Networks Unit 42Bryan Lee, Rob Downs
A Look Into Fysbis: Sofacy’s Linux Backdoor
X-Agent
2016-02-12Palo Alto Networks Unit 42Bryan Lee, Rob Downs
A Look Into Fysbis: Sofacy’s Linux Backdoor
X-Agent
2015-12-17BitdefenderBitdefender
APT28 Under the Scope: A Journey into Exfiltrating Intelligence and Government Information
X-Agent XP PrivEsc (CVE-2014-4076)

There is no Yara-Signature yet.