
Analysis of APT Attack Cases Using Dora RAT Against Companies

Published 30/05/2024 15:37 · Modified 30/05/2024 16:02


Essential information

Tags
2024-05-30 dora rat infostealer nestdoor
Related entities
1 vulnerabilities (cve), 7 observables, 1 intrusion sets (apt), 9 techniques (mitre), 2 malware, 1 others

Description

This analysis discusses an APT campaign by the Andariel threat group targeting Korean companies and educational institutions. The campaign employed various malware strains, including backdoors, keyloggers, infostealers, and proxy tools. The attackers exploited vulnerabilities, such as those in Apache Tomcat and Log4Shell in VMware Horizon, for initial access and malware distribution. The report provides technical details on the malware strains, the command-and-control infrastructure, and the tactics used by the threat actors.

External references