SYMBOLCOMMON_NAMEaka. SYNONYMS
win.downpaper (Back to overview)

DownPaper

Actor(s): Charming Kitten

DownPaper, sometimes delivered as sami.exe, is a Backdoor trojan. Its main functionality is to download
and run a second stage. This malware has been observed in campaigns involving Charming Kitten, an Iranian cyberespionage group.

References
2022-06-20Infinitum ITinfinitum IT
Charming Kitten (APT35)
LaZagne DownPaper MimiKatz pupy
2017-12-05ClearSky Research Team
Charming Kitten: Iranian Cyber Espionage Against Human Rights Activists, Academic Researchers and Media Outlets
DownPaper
2017-12-01ClearSkyClearSky Research Team
Charming Kitten
DownPaper Charming Kitten

There is no Yara-Signature yet.