win.unidentified_114

Unidentified 114 (APT28 InfoStealer)

Actor(s): APT28

According to Trend Micro, this is a small information stealer written in .NET that pushes its loot to a benign file-sharing service and does not have a direct C&C callback.

2024-01-31 | Trend Micro | Feike Hacquebord, Fernando Mercês
Pawn Storm Uses Brute Force and Stealth Against High-Value Targets
Mocky LNK, Unidentified 114 (APT28 InfoStealer)

There is no Yara-Signature yet.