SYMBOLCOMMON_NAMEaka. SYNONYMS
win.deeppost (Back to overview)

DEEPPOST

According to Volexity, DEEPPOST is a post-exploitation data exfiltration tool used to send files to a remote system.

References
2024-11-15VolexityCallum Roxan, Charlie Gardner, Paul Rascagnères
BrazenBamboo Weaponizes FortiClient Vulnerability to Steal VPN Credentials via DEEPDATA
lightSpy LIGHTSPY BH_A006 DEEPDATA DEEPPOST BrazenBamboo

There is no Yara-Signature yet.