SYMBOLCOMMON_NAMEaka. SYNONYMS
win.ktlv_door (Back to overview)

KTLVdoor

Actor(s): Earth Lusca


According to Trend Micro, KTLVdoor is a highly obfuscated malware that masquerades as different system utilities, allowing attackers to carry out a variety of tasks including file manipulation, command execution, and remote port scanning.

References
2024-09-04Trend MicroCedric Pernet, Jaromír Hořejší
Earth Lusca Uses KTLVdoor Backdoor for Multiplatform Intrusion
KTLVdoor KTLVdoor

There is no Yara-Signature yet.