win.seadaddy

SEADADDY

aka: SeaDuke, Seadask

Actor(s): APT29


Backdoor written in Python 2, deployed with PyInstaller.

References
2020-07-14 | Cyborg Security | Austin Jackson
PYTHON MALWARE ON THE RISE
Poet RAT PyLocky SEADADDY
2017-02-20 | Contagio Dump | Mila Parkour
Part I. Russian APT - APT28 collection of samples including OSX XAgent
X-Agent Komplex Coreshell Downdelph HideDRV SEADADDY Sedreco Seduploader X-Agent XTunnel
2016-06-15 | CrowdStrike | Dmitri Alperovitch
Bears in the Midst: Intrusion into the Democratic National Committee
X-Agent ATI-Agent SEADADDY Seduploader X-Agent XTunnel APT28
2015-07-13 | Symantec | A L Johnson
“Forkmeiamfamous”: Seaduke, latest weapon in the Duke armory
SEADADDY
2014-07-15 | Palo Alto Networks Unit 42 | Josh Grunzweig
Unit 42 Technical Analysis: Seaduke
SEADADDY

There is no Yara-Signature yet.