DownPaper (Malware Family)

SYMBOL	COMMON_NAME	aka. SYNONYMS

win.downpaper (Back to overview)

DownPaper

Actor(s): Charming Kitten

DownPaper, sometimes delivered as sami.exe, is a Backdoor trojan. Its main functionality is to download
and run a second stage. This malware has been observed in campaigns involving Charming Kitten, an Iranian cyberespionage group.

References

2022-06-20 ⋅ ⋅ Infinitum IT ⋅ infinitum IT
Charming Kitten (APT35)
LaZagne DownPaper MimiKatz pupy

2017-12-05 ⋅ ClearSky Research Team
Charming Kitten: Iranian Cyber Espionage Against Human Rights Activists, Academic Researchers and Media Outlets
DownPaper

2017-12-01 ⋅ ClearSky ⋅ ClearSky Research Team
Charming Kitten
DownPaper Charming Kitten

There is no Yara-Signature yet.

DownPaper Propose Change

References

DownPaper