Covicli (Malware Family)

SYMBOL	COMMON_NAME	aka. SYNONYMS

win.covicli (Back to overview)

Covicli

aka: Covically

Actor(s): MuddyWater

Covicli is a modified SSLeay32 dynamic library designated as a backdoor.
The dynamic library allows the attacker to communicate with the C2 over openSSL.

References

2020-10-15 ⋅ ClearSky ⋅ ClearSky
Operation Quicksand: MuddyWater’s Offensive Attack Against Israeli Organizations
PowGoop Covicli

There is no Yara-Signature yet.

Covicli Propose Change

References

Covicli