
This strike simulates Andariel 2017 Command and Control traffic after installing the Rifdoor module.

This strike simulates Andariel-2019 Command and Control traffic after installing the Signed Rifdoor module. This strike sends data over TCP port 443. Although many packet capture tools like Wireshark will call this encrypted data, it is not actually SSL-encrypted data. These are encrypted/encoded command and control exchanges, but they are not SSL.

This strike simulates Andariel-2019 Command and Control traffic after installing the proto module by sending the Base64-encoded host MAC address.

This strike simulates Andariel-2019 Command and Control traffic after installing the ApolloZeus Loader module. This strike sends data over TCP port 443. Although many packet capture tools like Wireshark will call this encrypted data, it is not actually SSL-encrypted data. These are encrypted/encoded command and control exchanges, but they are not SSL.