NikiHTTP (Malware Family)

SYMBOL	COMMON_NAME	aka. SYNONYMS

win.nikihttp (Back to overview)

NikiHTTP

Actor(s): Kimsuky

NikiHTTP is a versatile backdoor and has multiple capabilities such as download of files, executing them, performing commands, take screenshots and so on.

References

2025-05-15 ⋅ ⋅ EST Security ⋅ Alyac
Beware of Backdoor Malware being Distributed by Exploiting Legitimate Certificates!
NikiHTTP

2024-06-19 ⋅ BartBlaze, Nguyen Nguyen
New North Korean based backdoor packs a punch
NikiHTTP

2024-06-06 ⋅ Blackberry ⋅ Dmitry Melikov
Kimsuky is targeting an arms manufacturer in Europe.
NikiHTTP

There is no Yara-Signature yet.

NikiHTTP Propose Change

References

NikiHTTP