SYMBOLCOMMON_NAMEaka. SYNONYMS
py.serpent (Back to overview)

Serpent

According to Proofpoint, this is a backdoor written in Python, used in attacks against French entities in the construction, real estate, and government industries.

References
2022-04-25vmwareDarshan Rana
@online{rana:20220425:serpent:c60d8fd, author = {Darshan Rana}, title = {{Serpent – The Backdoor that Hides in Plain Sight}}, date = {2022-04-25}, organization = {vmware}, url = {https://blogs.vmware.com/security/2022/04/serpent-the-backdoor-that-hides-in-plain-sight.html}, language = {English}, urldate = {2022-05-03} } Serpent – The Backdoor that Hides in Plain Sight
Serpent
2022-03-21ProofpointBryan Campbell, Zachary Abzug, Andrew Northern, Selena Larson
@online{campbell:20220321:serpent:12b3381, author = {Bryan Campbell and Zachary Abzug and Andrew Northern and Selena Larson}, title = {{Serpent, No Swiping! New Backdoor Targets French Entities with Unique Attack Chain}}, date = {2022-03-21}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/blog/threat-insight/serpent-no-swiping-new-backdoor-targets-french-entities-unique-attack-chain}, language = {English}, urldate = {2022-03-22} } Serpent, No Swiping! New Backdoor Targets French Entities with Unique Attack Chain
Serpent
2022-03-21Bleeping ComputerBill Toulas
@online{toulas:20220321:serpent:ee8281b, author = {Bill Toulas}, title = {{Serpent malware campaign abuses Chocolatey Windows package manager}}, date = {2022-03-21}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/serpent-malware-campaign-abuses-chocolatey-windows-package-manager/}, language = {English}, urldate = {2022-03-23} } Serpent malware campaign abuses Chocolatey Windows package manager
Serpent

There is no Yara-Signature yet.