According to Symantec, Graphican is an evolution of the known APT15 backdoor Ketrican, which was itself based on an earlier malware family, BS2005, also used by APT15. Graphican has the same basic functionality as Ketrican; the difference is that Graphican uses the Microsoft Graph API and OneDrive to obtain its command-and-control (C&C) infrastructure.
2023-06-21 ⋅ Symantec ⋅ Graphican: Flea Uses New Backdoor in Attacks Targeting Foreign Ministries
There is no YARA signature yet.