win.felixroot

Felixroot

Actor(s): GreyEnergy


There is no description at this point.

References
2021-09-06, cocomelonc, cocomelonc
AV engines evasion for C++ simple malware: part 2
@online{cocomelonc:20210906:av:215e5aa,
  author = {cocomelonc},
  title = {{AV engines evasion for C++ simple malware: part 2}},
  date = {2021-09-06},
  organization = {cocomelonc},
  url = {https://cocomelonc.github.io/tutorial/2021/09/06/simple-malware-av-evasion-2.html},
  language = {English},
  urldate = {2023-07-24}
}
Agent Tesla, Amadey, Anchor, AnchorMTea, Carbanak, Carberp, Cardinal RAT, Felixroot, Konni, Loki Password Stealer (PWS), Maze

2018-10-18, ESET Research, Anton Cherepanov
GREYENERGY: A successor to BlackEnergy
@techreport{cherepanov:20181018:greyenergy:9885d0c,
  author = {Anton Cherepanov},
  title = {{GREYENERGY: A successor to BlackEnergy}},
  date = {2018-10-18},
  institution = {ESET Research},
  url = {https://www.welivesecurity.com/wp-content/uploads/2018/10/ESET_GreyEnergy.pdf},
  language = {English},
  urldate = {2020-01-09}
}
Felixroot, GreyEnergy

2018-08-28, Medium Sebdraven, Sébastien Larinier
When a malware is more complex than the paper
@online{larinier:20180828:when:0389d90,
  author = {Sébastien Larinier},
  title = {{When a malware is more complex than the paper}},
  date = {2018-08-28},
  organization = {Medium Sebdraven},
  url = {https://medium.com/@Sebdraven/when-a-malware-is-more-complex-than-the-paper-5822fc7ff257},
  language = {English},
  urldate = {2020-01-13}
}
Felixroot

2018-07-26, FireEye, Swapnil Patil
Microsoft Office Vulnerabilities Used to Distribute FELIXROOT Backdoor in Recent Campaign
@online{patil:20180726:microsoft:f03d7c7,
  author = {Swapnil Patil},
  title = {{Microsoft Office Vulnerabilities Used to Distribute FELIXROOT Backdoor in Recent Campaign}},
  date = {2018-07-26},
  organization = {FireEye},
  url = {https://www.fireeye.com/blog/threat-research/2018/07/microsoft-office-vulnerabilities-used-to-distribute-felixroot-backdoor.html},
  language = {English},
  urldate = {2019-12-20}
}
Felixroot

There is no Yara-Signature yet.