Actor(s): Charming Kitten
DownPaper, sometimes delivered as sami.exe, is a Backdoor trojan. Its main functionality is to download
and run a second stage. This malware has been observed in campaigns involving Charming Kitten, an Iranian cyberespionage group.
|2022-06-20 ⋅ Infinitum IT ⋅ |
Charming Kitten (APT35)
LaZagne DownPaper MimiKatz pupy
|2017-12-05 ⋅ |
Charming Kitten: Iranian Cyber Espionage Against Human Rights Activists, Academic Researchers and Media Outlets
|2017-12 ⋅ ClearSky ⋅ |
DownPaper Charming Kitten
There is no Yara-Signature yet.