SYMBOLCOMMON_NAMEaka. SYNONYMS
win.keyhole (Back to overview)

Keyhole

According to Walmart Global Tech, Keyhole is a multi-functional VNC/Backconnect component used extensively by IcedID/Anubis. While the malware contains functionality that has been previously reported on as typical VNC and HDESK capabilities, a general lack of technical information appears to exist around some of the expanded functionality currently present.

References
2024-01-16Medium walmartglobaltechJason Reaves, Jonathan Mccay, Joshua Platt
Keyhole Analysis
IcedID Keyhole

There is no Yara-Signature yet.