ScanLine (Malware Family)

SYMBOL	COMMON_NAME	aka. SYNONYMS

win.scanline (Back to overview)

ScanLine

Actor(s): Volt Typhoon

According to CISA, this is a command-line port scanning utility from Foundstone. It is used to scan for open UDP and TCP ports, grab banners from open ports, resolve IP addresses to host names, and bind to specified ports and IP addresses.

References

2024-02-07 ⋅ CISA ⋅ CISA
MAR-10448362-1.v1 Volt Typhoon
ScanLine

2024-02-07 ⋅ CISA ⋅ CISA
PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S. Critical Infrastructure
ScanLine

There is no Yara-Signature yet.

ScanLine Propose Change

References

ScanLine