SYMBOLCOMMON_NAMEaka. SYNONYMS
win.jumpall (Back to overview)

JUMPALL

Actor(s): APT41

According to FireEye, JUMPALL is a malware dropper that has been observed
dropping HIGHNOON/ZXSHELL/SOGU.

References
2019-08-09FireEyeFireEye
@online{fireeye:20190809:double:40f736e, author = {FireEye}, title = {{Double Dragon APT41, a dual espionage and cyber crime operation}}, date = {2019-08-09}, organization = {FireEye}, url = {https://content.fireeye.com/apt-41/rpt-apt41/}, language = {English}, urldate = {2019-12-18} } Double Dragon APT41, a dual espionage and cyber crime operation
CLASSFON crackshot CROSSWALK GEARSHIFT HIGHNOON HIGHNOON.BIN JUMPALL poisonplug Winnti

There is no Yara-Signature yet.