<!DOCTYPE html> <html lang='en'> <head> <script async src="https://www.googletagmanager.com/gtag/js?id=UA-62667723-1"></script> <script> window.dataLayer = window.dataLayer || []; function gtag(){dataLayer.push(arguments);} gtag('js', new Date()); gtag('config', 'UA-62667723-1'); </script> <meta name="google-site-verification" content="2oJKLqNN62z6AOCb0A0IXGtbQuj-lev5YPAHFF_cbHQ"/> <meta charset='utf-8'> <meta name='viewport' content='width=device-width, initial-scale=1,shrink-to-fit=no'> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <link rel='shortcut icon' href="/versions/v13/theme/favicon.ico" type='image/x-icon'> <title>Backdoor.Oldrea, Software S0093 | MITRE ATT&CK&reg;</title> <!-- Bootstrap CSS --> <link rel='stylesheet' href="/versions/v13/theme/style/bootstrap.min.css" /> <link rel='stylesheet' href="/versions/v13/theme/style/bootstrap-glyphicon.min.css" /> <link rel='stylesheet' href="/versions/v13/theme/style/bootstrap-tourist.css" /> <link rel='stylesheet' href="/versions/v13/theme/style/bootstrap-select.min.css" /> <link rel="stylesheet" type="text/css" href="/versions/v13/theme/style.min.css?e8044105"> <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css"> </head> <body> <div class="container-fluid attack-website-wrapper d-flex flex-column h-100"> <div class="row sticky-top flex-grow-0 flex-shrink-1"> <!-- header elements --> <header class="col px-0"> <nav class='navbar navbar-expand-lg navbar-dark position-static'> <a class='navbar-brand' href="/versions/v13/"><img src="/versions/v13/theme/images/mitre_attack_logo.png" class="attack-logo"></a> <button class='navbar-toggler' type='button' data-toggle='collapse' data-target='#navbarCollapse' aria-controls='navbarCollapse' aria-expanded='false' aria-label='Toggle navigation'> <span class='navbar-toggler-icon'></span> </button> <div class='collapse navbar-collapse' id='navbarCollapse'> <ul class='nav nav-tabs ml-auto'> <li class="nav-item dropdown"> <a class="nav-link dropdown-toggle" href="/versions/v13/matrices/" id="navbarDropdown" role="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false"> <b>Matrices</b> </a> <div class="dropdown-menu " aria-labelledby="navbarDropdown"> <a class="dropdown-item" href="/versions/v13/matrices/enterprise/">Enterprise</a> <a class="dropdown-item" href="/versions/v13/matrices/mobile/">Mobile</a> <a class="dropdown-item" href="/versions/v13/matrices/ics/">ICS</a> </div> </li> <li class="nav-item dropdown"> <a class="nav-link dropdown-toggle" href="/versions/v13/tactics/" id="navbarDropdown" role="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false"> <b>Tactics</b> </a> <div class="dropdown-menu " aria-labelledby="navbarDropdown"> <a class="dropdown-item" href="/versions/v13/tactics/enterprise/">Enterprise</a> <a class="dropdown-item" href="/versions/v13/tactics/mobile/">Mobile</a> <a class="dropdown-item" href="/versions/v13/tactics/ics/">ICS</a> </div> </li> <li class="nav-item dropdown"> <a class="nav-link dropdown-toggle" href="/versions/v13/techniques/" id="navbarDropdown" role="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false"> <b>Techniques</b> </a> <div class="dropdown-menu " aria-labelledby="navbarDropdown"> <a class="dropdown-item" href="/versions/v13/techniques/enterprise/">Enterprise</a> <a class="dropdown-item" href="/versions/v13/techniques/mobile/">Mobile</a> <a class="dropdown-item" href="/versions/v13/techniques/ics/">ICS</a> </div> </li> <li class="nav-item"> <a href="/versions/v13/datasources" class="nav-link" ><b>Data Sources</b></a> </li> <li class="nav-item dropdown"> <a class="nav-link dropdown-toggle" href="/versions/v13/mitigations/" id="navbarDropdown" role="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false"> <b>Mitigations</b> </a> <div class="dropdown-menu " aria-labelledby="navbarDropdown"> <a class="dropdown-item" href="/versions/v13/mitigations/enterprise/">Enterprise</a> <a class="dropdown-item" href="/versions/v13/mitigations/mobile/">Mobile</a> <a class="dropdown-item" href="/versions/v13/mitigations/ics/">ICS</a> </div> </li> <li class="nav-item"> <a href="/versions/v13/groups" class="nav-link" ><b>Groups</b></a> </li> <li class="nav-item"> <a href="/versions/v13/software/" class="nav-link" ><b>Software</b></a> </li> <li class="nav-item"> <a href="/versions/v13/campaigns" class="nav-link" ><b>Campaigns</b></a> </li> <li class="nav-item dropdown"> <a class="nav-link dropdown-toggle" href="/versions/v13/resources/" id="navbarDropdown" role="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false"> <b>Resources</b> </a> <div class="dropdown-menu " aria-labelledby="navbarDropdown"> <a class="dropdown-item" href="/versions/v13/resources/">General Information</a> <a class="dropdown-item" href="/versions/v13/resources/getting-started/">Getting Started</a> <a class="dropdown-item" href="/versions/v13/resources/training/">Training</a> <a class="dropdown-item" href="/versions/v13/resources/attackcon/">ATT&CKcon</a> <a class="dropdown-item" href="/versions/v13/resources/working-with-attack/">Working with ATT&CK</a> <a class="dropdown-item" href="/versions/v13/resources/faq/">FAQ</a> <a class="dropdown-item" href="/resources/updates/">Updates</a> <a class="dropdown-item" href="/resources/versions/">Versions of ATT&CK</a> <a class="dropdown-item" href="/versions/v13/resources/related-projects/">Related Projects</a> <a class="dropdown-item" href="/versions/v13/resources/brand/">Brand Guide</a> </div> </li> <li class="nav-item"> <a href="https://medium.com/mitre-attack/" target="_blank" class="nav-link"> <b>Blog</b>&nbsp; <img src="/versions/v13/theme/images/external-site.svg" alt="External site" class="external-icon" /> </a> </li> <li class="nav-item"> <a href="/versions/v13/resources/contribute/" class="nav-link" ><b>Contribute</b></a> </li> <li class="nav-item"> <button id="search-button" class="btn search-button">Search <div id="search-icon" class="icon-button search-icon"></div></button> </li> </ul> </div> </nav> </header> </div> <div class="row flex-grow-0 flex-shrink-1"> <!-- banner elements --> <div class="col px-0"> <!-- don't edit or remove the line below even though it's commented out, it gets parsed and replaced by the versioning feature --> <div class="container-fluid version-banner"><div class="icon-inline baseline mr-1"><img src="/versions/v13/theme/images/icon-warning-24px.svg"></div>Currently viewing <a href="https://github.com/mitre/cti/releases/tag/ATT%26CK-v13.1" target="_blank">ATT&CK v13.1</a> which was live between April 25, 2023 and October 30, 2023. <a href="/resources/versions/">Learn more about the versioning system</a> or <a href="/">see the live site</a>.</div> </div> </div> <div class="row flex-grow-1 flex-shrink-0"> <!-- main content elements --> <!--start-indexing-for-search--> <div class="sidebar nav sticky-top flex-column pr-0 pt-4 pb-3 pl-3" id="v-tab" role="tablist" aria-orientation="vertical"> <div class="resizer"></div> <!--stop-indexing-for-search--> <div id="v-tab" role="tablist" aria-orientation="vertical" class="h-100"> <div class="sidenav-wrapper"> <div class="heading" data-toggle="collapse" data-target="#sidebar-collapse" id="v-home-tab" aria-selected="false">SOFTWARE <i class="fa fa-fw fa-chevron-down"></i> <i class="fa fa-fw fa-chevron-up"></i> </div> <br class="br-mobile"> <div class="collapse show" id="sidebar-collapse"> <div class="sidenav-list"> <div class="sidenav"> <div class="sidenav-head " id="0-0"> <a href="/versions/v13/software/"> Overview </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="3PARA RAT-3PARA RAT"> <a href="/versions/v13/software/S0066/"> 3PARA RAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="4H RAT-4H RAT"> <a href="/versions/v13/software/S0065/"> 4H RAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="AADInternals-AADInternals"> <a href="/versions/v13/software/S0677/"> AADInternals </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="ABK-ABK"> <a href="/versions/v13/software/S0469/"> ABK </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="AbstractEmu-AbstractEmu"> <a href="/versions/v13/software/S1061/"> AbstractEmu </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="ACAD/Medre.A-ACAD/Medre.A"> <a href="/versions/v13/software/S1000/"> ACAD/Medre.A </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Action RAT-Action RAT"> <a href="/versions/v13/software/S1028/"> Action RAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="adbupd-adbupd"> <a href="/versions/v13/software/S0202/"> adbupd </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="AdFind-AdFind"> <a href="/versions/v13/software/S0552/"> AdFind </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Adups-Adups"> <a href="/versions/v13/software/S0309/"> Adups </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="ADVSTORESHELL-ADVSTORESHELL"> <a href="/versions/v13/software/S0045/"> ADVSTORESHELL </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Agent Smith-Agent Smith"> <a href="/versions/v13/software/S0440/"> Agent Smith </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Agent Tesla-Agent Tesla"> <a href="/versions/v13/software/S0331/"> Agent Tesla </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Agent.btz-Agent.btz"> <a href="/versions/v13/software/S0092/"> Agent.btz </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Allwinner-Allwinner"> <a href="/versions/v13/software/S0319/"> Allwinner </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Amadey-Amadey"> <a href="/versions/v13/software/S1025/"> Amadey </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Anchor-Anchor"> <a href="/versions/v13/software/S0504/"> Anchor </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Android/AdDisplay.Ashas-Android/AdDisplay.Ashas"> <a href="/versions/v13/software/S0525/"> Android/AdDisplay.Ashas </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Android/Chuli.A-Android/Chuli.A"> <a href="/versions/v13/software/S0304/"> Android/Chuli.A </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="AndroidOS/MalLocker.B-AndroidOS/MalLocker.B"> <a href="/versions/v13/software/S0524/"> AndroidOS/MalLocker.B </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="ANDROIDOS_ANSERVER.A-ANDROIDOS_ANSERVER.A"> <a href="/versions/v13/software/S0310/"> ANDROIDOS_ANSERVER.A </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="AndroRAT-AndroRAT"> <a href="/versions/v13/software/S0292/"> AndroRAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Anubis-Anubis"> <a href="/versions/v13/software/S0422/"> Anubis </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="AppleJeus-AppleJeus"> <a href="/versions/v13/software/S0584/"> AppleJeus </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="AppleSeed-AppleSeed"> <a href="/versions/v13/software/S0622/"> AppleSeed </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Aria-body-Aria-body"> <a href="/versions/v13/software/S0456/"> Aria-body </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Arp-Arp"> <a href="/versions/v13/software/S0099/"> Arp </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Asacub-Asacub"> <a href="/versions/v13/software/S0540/"> Asacub </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="ASPXSpy-ASPXSpy"> <a href="/versions/v13/software/S0073/"> ASPXSpy </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Astaroth-Astaroth"> <a href="/versions/v13/software/S0373/"> Astaroth </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="at-at"> <a href="/versions/v13/software/S0110/"> at </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Attor-Attor"> <a href="/versions/v13/software/S0438/"> Attor </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="AuditCred-AuditCred"> <a href="/versions/v13/software/S0347/"> AuditCred </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="AuTo Stealer-AuTo Stealer"> <a href="/versions/v13/software/S1029/"> AuTo Stealer </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="AutoIt backdoor-AutoIt backdoor"> <a href="/versions/v13/software/S0129/"> AutoIt backdoor </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Avaddon-Avaddon"> <a href="/versions/v13/software/S0640/"> Avaddon </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Avenger-Avenger"> <a href="/versions/v13/software/S0473/"> Avenger </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="AvosLocker-AvosLocker"> <a href="/versions/v13/software/S1053/"> AvosLocker </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Azorult-Azorult"> <a href="/versions/v13/software/S0344/"> Azorult </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Babuk-Babuk"> <a href="/versions/v13/software/S0638/"> Babuk </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="BabyShark-BabyShark"> <a href="/versions/v13/software/S0414/"> BabyShark </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="BackConfig-BackConfig"> <a href="/versions/v13/software/S0475/"> BackConfig </a> </div> </div> <div class="sidenav"> <div class="sidenav-head active " id="Backdoor.Oldrea-Backdoor.Oldrea"> <a href="/versions/v13/software/S0093/"> Backdoor.Oldrea </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="BACKSPACE-BACKSPACE"> <a href="/versions/v13/software/S0031/"> BACKSPACE </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Bad Rabbit-Bad Rabbit"> <a href="/versions/v13/software/S0606/"> Bad Rabbit </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="BADCALL-BADCALL"> <a href="/versions/v13/software/S0245/"> BADCALL </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="BADFLICK-BADFLICK"> <a href="/versions/v13/software/S0642/"> BADFLICK </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="BADNEWS-BADNEWS"> <a href="/versions/v13/software/S0128/"> BADNEWS </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="BadPatch-BadPatch"> <a href="/versions/v13/software/S0337/"> BadPatch </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Bandook-Bandook"> <a href="/versions/v13/software/S0234/"> Bandook </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Bankshot-Bankshot"> <a href="/versions/v13/software/S0239/"> Bankshot </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Bazar-Bazar"> <a href="/versions/v13/software/S0534/"> Bazar </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="BBK-BBK"> <a href="/versions/v13/software/S0470/"> BBK </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="BBSRAT-BBSRAT"> <a href="/versions/v13/software/S0127/"> BBSRAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="BendyBear-BendyBear"> <a href="/versions/v13/software/S0574/"> BendyBear </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="BISCUIT-BISCUIT"> <a href="/versions/v13/software/S0017/"> BISCUIT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Bisonal-Bisonal"> <a href="/versions/v13/software/S0268/"> Bisonal </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="BitPaymer-BitPaymer"> <a href="/versions/v13/software/S0570/"> BitPaymer </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="BITSAdmin-BITSAdmin"> <a href="/versions/v13/software/S0190/"> BITSAdmin </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Black Basta-Black Basta"> <a href="/versions/v13/software/S1070/"> Black Basta </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="BlackCat-BlackCat"> <a href="/versions/v13/software/S1068/"> BlackCat </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="BLACKCOFFEE-BLACKCOFFEE"> <a href="/versions/v13/software/S0069/"> BLACKCOFFEE </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="BlackEnergy-BlackEnergy"> <a href="/versions/v13/software/S0089/"> BlackEnergy </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="BlackMould-BlackMould"> <a href="/versions/v13/software/S0564/"> BlackMould </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="BLINDINGCAN-BLINDINGCAN"> <a href="/versions/v13/software/S0520/"> BLINDINGCAN </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="BloodHound-BloodHound"> <a href="/versions/v13/software/S0521/"> BloodHound </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="BLUELIGHT-BLUELIGHT"> <a href="/versions/v13/software/S0657/"> BLUELIGHT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Bonadan-Bonadan"> <a href="/versions/v13/software/S0486/"> Bonadan </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="BONDUPDATER-BONDUPDATER"> <a href="/versions/v13/software/S0360/"> BONDUPDATER </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="BoomBox-BoomBox"> <a href="/versions/v13/software/S0635/"> BoomBox </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="BOOSTWRITE-BOOSTWRITE"> <a href="/versions/v13/software/S0415/"> BOOSTWRITE </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="BOOTRASH-BOOTRASH"> <a href="/versions/v13/software/S0114/"> BOOTRASH </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="BoxCaon-BoxCaon"> <a href="/versions/v13/software/S0651/"> BoxCaon </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="BrainTest-BrainTest"> <a href="/versions/v13/software/S0293/"> BrainTest </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Brave Prince-Brave Prince"> <a href="/versions/v13/software/S0252/"> Brave Prince </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Bread-Bread"> <a href="/versions/v13/software/S0432/"> Bread </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Briba-Briba"> <a href="/versions/v13/software/S0204/"> Briba </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Brute Ratel C4-Brute Ratel C4"> <a href="/versions/v13/software/S1063/"> Brute Ratel C4 </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="BS2005-BS2005"> <a href="/versions/v13/software/S0014/"> BS2005 </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="BUBBLEWRAP-BUBBLEWRAP"> <a href="/versions/v13/software/S0043/"> BUBBLEWRAP </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="build_downer-build_downer"> <a href="/versions/v13/software/S0471/"> build_downer </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Bumblebee-Bumblebee"> <a href="/versions/v13/software/S1039/"> Bumblebee </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Bundlore-Bundlore"> <a href="/versions/v13/software/S0482/"> Bundlore </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="BusyGasper-BusyGasper"> <a href="/versions/v13/software/S0655/"> BusyGasper </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Cachedump-Cachedump"> <a href="/versions/v13/software/S0119/"> Cachedump </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="CaddyWiper-CaddyWiper"> <a href="/versions/v13/software/S0693/"> CaddyWiper </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Cadelspy-Cadelspy"> <a href="/versions/v13/software/S0454/"> Cadelspy </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="CALENDAR-CALENDAR"> <a href="/versions/v13/software/S0025/"> CALENDAR </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Calisto-Calisto"> <a href="/versions/v13/software/S0274/"> Calisto </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="CallMe-CallMe"> <a href="/versions/v13/software/S0077/"> CallMe </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Cannon-Cannon"> <a href="/versions/v13/software/S0351/"> Cannon </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Carbanak-Carbanak"> <a href="/versions/v13/software/S0030/"> Carbanak </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Carberp-Carberp"> <a href="/versions/v13/software/S0484/"> Carberp </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Carbon-Carbon"> <a href="/versions/v13/software/S0335/"> Carbon </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="CarbonSteal-CarbonSteal"> <a href="/versions/v13/software/S0529/"> CarbonSteal </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Cardinal RAT-Cardinal RAT"> <a href="/versions/v13/software/S0348/"> Cardinal RAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="CARROTBALL-CARROTBALL"> <a href="/versions/v13/software/S0465/"> CARROTBALL </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="CARROTBAT-CARROTBAT"> <a href="/versions/v13/software/S0462/"> CARROTBAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Catchamas-Catchamas"> <a href="/versions/v13/software/S0261/"> Catchamas </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Caterpillar WebShell-Caterpillar WebShell"> <a href="/versions/v13/software/S0572/"> Caterpillar WebShell </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="CCBkdr-CCBkdr"> <a href="/versions/v13/software/S0222/"> CCBkdr </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="ccf32-ccf32"> <a href="/versions/v13/software/S1043/"> ccf32 </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Cerberus-Cerberus"> <a href="/versions/v13/software/S0480/"> Cerberus </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="certutil-certutil"> <a href="/versions/v13/software/S0160/"> certutil </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Chaes-Chaes"> <a href="/versions/v13/software/S0631/"> Chaes </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Chaos-Chaos"> <a href="/versions/v13/software/S0220/"> Chaos </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Charger-Charger"> <a href="/versions/v13/software/S0323/"> Charger </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="CharmPower-CharmPower"> <a href="/versions/v13/software/S0674/"> CharmPower </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="ChChes-ChChes"> <a href="/versions/v13/software/S0144/"> ChChes </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="CHEMISTGAMES-CHEMISTGAMES"> <a href="/versions/v13/software/S0555/"> CHEMISTGAMES </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Cherry Picker-Cherry Picker"> <a href="/versions/v13/software/S0107/"> Cherry Picker </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="China Chopper-China Chopper"> <a href="/versions/v13/software/S0020/"> China Chopper </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Chinoxy-Chinoxy"> <a href="/versions/v13/software/S1041/"> Chinoxy </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="CHOPSTICK-CHOPSTICK"> <a href="/versions/v13/software/S0023/"> CHOPSTICK </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Chrommme-Chrommme"> <a href="/versions/v13/software/S0667/"> Chrommme </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Circles-Circles"> <a href="/versions/v13/software/S0602/"> Circles </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Clambling-Clambling"> <a href="/versions/v13/software/S0660/"> Clambling </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Clop-Clop"> <a href="/versions/v13/software/S0611/"> Clop </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="CloudDuke-CloudDuke"> <a href="/versions/v13/software/S0054/"> CloudDuke </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="cmd-cmd"> <a href="/versions/v13/software/S0106/"> cmd </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Cobalt Strike-Cobalt Strike"> <a href="/versions/v13/software/S0154/"> Cobalt Strike </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Cobian RAT-Cobian RAT"> <a href="/versions/v13/software/S0338/"> Cobian RAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="CoinTicker-CoinTicker"> <a href="/versions/v13/software/S0369/"> CoinTicker </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Comnie-Comnie"> <a href="/versions/v13/software/S0244/"> Comnie </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="ComRAT-ComRAT"> <a href="/versions/v13/software/S0126/"> ComRAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Concipit1248-Concipit1248"> <a href="/versions/v13/software/S0426/"> Concipit1248 </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Conficker-Conficker"> <a href="/versions/v13/software/S0608/"> Conficker </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="ConnectWise-ConnectWise"> <a href="/versions/v13/software/S0591/"> ConnectWise </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Conti-Conti"> <a href="/versions/v13/software/S0575/"> Conti </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="CookieMiner-CookieMiner"> <a href="/versions/v13/software/S0492/"> CookieMiner </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="CORALDECK-CORALDECK"> <a href="/versions/v13/software/S0212/"> CORALDECK </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="CORESHELL-CORESHELL"> <a href="/versions/v13/software/S0137/"> CORESHELL </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Corona Updates-Corona Updates"> <a href="/versions/v13/software/S0425/"> Corona Updates </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="CosmicDuke-CosmicDuke"> <a href="/versions/v13/software/S0050/"> CosmicDuke </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="CostaBricks-CostaBricks"> <a href="/versions/v13/software/S0614/"> CostaBricks </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="CozyCar-CozyCar"> <a href="/versions/v13/software/S0046/"> CozyCar </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="CrackMapExec-CrackMapExec"> <a href="/versions/v13/software/S0488/"> CrackMapExec </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="CreepyDrive-CreepyDrive"> <a href="/versions/v13/software/S1023/"> CreepyDrive </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="CreepySnail-CreepySnail"> <a href="/versions/v13/software/S1024/"> CreepySnail </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Crimson-Crimson"> <a href="/versions/v13/software/S0115/"> Crimson </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="CrossRAT-CrossRAT"> <a href="/versions/v13/software/S0235/"> CrossRAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Crutch-Crutch"> <a href="/versions/v13/software/S0538/"> Crutch </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Cryptoistic-Cryptoistic"> <a href="/versions/v13/software/S0498/"> Cryptoistic </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="CSPY Downloader-CSPY Downloader"> <a href="/versions/v13/software/S0527/"> CSPY Downloader </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Cuba-Cuba"> <a href="/versions/v13/software/S0625/"> Cuba </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Cyclops Blink-Cyclops Blink"> <a href="/versions/v13/software/S0687/"> Cyclops Blink </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Dacls-Dacls"> <a href="/versions/v13/software/S0497/"> Dacls </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="DanBot-DanBot"> <a href="/versions/v13/software/S1014/"> DanBot </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="DarkComet-DarkComet"> <a href="/versions/v13/software/S0334/"> DarkComet </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="DarkTortilla-DarkTortilla"> <a href="/versions/v13/software/S1066/"> DarkTortilla </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="DarkWatchman-DarkWatchman"> <a href="/versions/v13/software/S0673/"> DarkWatchman </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Daserf-Daserf"> <a href="/versions/v13/software/S0187/"> Daserf </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="DCSrv-DCSrv"> <a href="/versions/v13/software/S1033/"> DCSrv </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="DDKONG-DDKONG"> <a href="/versions/v13/software/S0255/"> DDKONG </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="DEADEYE-DEADEYE"> <a href="/versions/v13/software/S1052/"> DEADEYE </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="DealersChoice-DealersChoice"> <a href="/versions/v13/software/S0243/"> DealersChoice </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="DEATHRANSOM-DEATHRANSOM"> <a href="/versions/v13/software/S0616/"> DEATHRANSOM </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="DEFENSOR ID-DEFENSOR ID"> <a href="/versions/v13/software/S0479/"> DEFENSOR ID </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Dendroid-Dendroid"> <a href="/versions/v13/software/S0301/"> Dendroid </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Denis-Denis"> <a href="/versions/v13/software/S0354/"> Denis </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Derusbi-Derusbi"> <a href="/versions/v13/software/S0021/"> Derusbi </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Desert Scorpion-Desert Scorpion"> <a href="/versions/v13/software/S0505/"> Desert Scorpion </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Diavol-Diavol"> <a href="/versions/v13/software/S0659/"> Diavol </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Dipsind-Dipsind"> <a href="/versions/v13/software/S0200/"> Dipsind </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="DnsSystem-DnsSystem"> <a href="/versions/v13/software/S1021/"> DnsSystem </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="DOGCALL-DOGCALL"> <a href="/versions/v13/software/S0213/"> DOGCALL </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Dok-Dok"> <a href="/versions/v13/software/S0281/"> Dok </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Doki-Doki"> <a href="/versions/v13/software/S0600/"> Doki </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Donut-Donut"> <a href="/versions/v13/software/S0695/"> Donut </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="DoubleAgent-DoubleAgent"> <a href="/versions/v13/software/S0550/"> DoubleAgent </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="down_new-down_new"> <a href="/versions/v13/software/S0472/"> down_new </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Downdelph-Downdelph"> <a href="/versions/v13/software/S0134/"> Downdelph </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="DownPaper-DownPaper"> <a href="/versions/v13/software/S0186/"> DownPaper </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="DRATzarus-DRATzarus"> <a href="/versions/v13/software/S0694/"> DRATzarus </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="DressCode-DressCode"> <a href="/versions/v13/software/S0300/"> DressCode </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Dridex-Dridex"> <a href="/versions/v13/software/S0384/"> Dridex </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Drinik-Drinik"> <a href="/versions/v13/software/S1054/"> Drinik </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="DroidJack-DroidJack"> <a href="/versions/v13/software/S0320/"> DroidJack </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="DropBook-DropBook"> <a href="/versions/v13/software/S0547/"> DropBook </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Drovorub-Drovorub"> <a href="/versions/v13/software/S0502/"> Drovorub </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="dsquery-dsquery"> <a href="/versions/v13/software/S0105/"> dsquery </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Dtrack-Dtrack"> <a href="/versions/v13/software/S0567/"> Dtrack </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="DualToy-DualToy"> <a href="/versions/v13/software/S0315/"> DualToy </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Duqu-Duqu"> <a href="/versions/v13/software/S0038/"> Duqu </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="DustySky-DustySky"> <a href="/versions/v13/software/S0062/"> DustySky </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Dvmap-Dvmap"> <a href="/versions/v13/software/S0420/"> Dvmap </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Dyre-Dyre"> <a href="/versions/v13/software/S0024/"> Dyre </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Ebury-Ebury"> <a href="/versions/v13/software/S0377/"> Ebury </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="ECCENTRICBANDWAGON-ECCENTRICBANDWAGON"> <a href="/versions/v13/software/S0593/"> ECCENTRICBANDWAGON </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Ecipekac-Ecipekac"> <a href="/versions/v13/software/S0624/"> Ecipekac </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Egregor-Egregor"> <a href="/versions/v13/software/S0554/"> Egregor </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="EKANS-EKANS"> <a href="/versions/v13/software/S0605/"> EKANS </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Elise-Elise"> <a href="/versions/v13/software/S0081/"> Elise </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="ELMER-ELMER"> <a href="/versions/v13/software/S0064/"> ELMER </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Emissary-Emissary"> <a href="/versions/v13/software/S0082/"> Emissary </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Emotet-Emotet"> <a href="/versions/v13/software/S0367/"> Emotet </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Empire-Empire"> <a href="/versions/v13/software/S0363/"> Empire </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="EnvyScout-EnvyScout"> <a href="/versions/v13/software/S0634/"> EnvyScout </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Epic-Epic"> <a href="/versions/v13/software/S0091/"> Epic </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="esentutl-esentutl"> <a href="/versions/v13/software/S0404/"> esentutl </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="eSurv-eSurv"> <a href="/versions/v13/software/S0507/"> eSurv </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="EventBot-EventBot"> <a href="/versions/v13/software/S0478/"> EventBot </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="EvilBunny-EvilBunny"> <a href="/versions/v13/software/S0396/"> EvilBunny </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="EvilGrab-EvilGrab"> <a href="/versions/v13/software/S0152/"> EvilGrab </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="EVILNUM-EVILNUM"> <a href="/versions/v13/software/S0568/"> EVILNUM </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Exaramel for Linux-Exaramel for Linux"> <a href="/versions/v13/software/S0401/"> Exaramel for Linux </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Exaramel for Windows-Exaramel for Windows"> <a href="/versions/v13/software/S0343/"> Exaramel for Windows </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Exobot-Exobot"> <a href="/versions/v13/software/S0522/"> Exobot </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Exodus-Exodus"> <a href="/versions/v13/software/S0405/"> Exodus </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Expand-Expand"> <a href="/versions/v13/software/S0361/"> Expand </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Explosive-Explosive"> <a href="/versions/v13/software/S0569/"> Explosive </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="FakeM-FakeM"> <a href="/versions/v13/software/S0076/"> FakeM </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="FakeSpy-FakeSpy"> <a href="/versions/v13/software/S0509/"> FakeSpy </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="FALLCHILL-FALLCHILL"> <a href="/versions/v13/software/S0181/"> FALLCHILL </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="FatDuke-FatDuke"> <a href="/versions/v13/software/S0512/"> FatDuke </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Felismus-Felismus"> <a href="/versions/v13/software/S0171/"> Felismus </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="FELIXROOT-FELIXROOT"> <a href="/versions/v13/software/S0267/"> FELIXROOT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Ferocious-Ferocious"> <a href="/versions/v13/software/S0679/"> Ferocious </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Fgdump-Fgdump"> <a href="/versions/v13/software/S0120/"> Fgdump </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Final1stspy-Final1stspy"> <a href="/versions/v13/software/S0355/"> Final1stspy </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="FinFisher-FinFisher"> <a href="/versions/v13/software/S0182/"> FinFisher </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="FIVEHANDS-FIVEHANDS"> <a href="/versions/v13/software/S0618/"> FIVEHANDS </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Flagpro-Flagpro"> <a href="/versions/v13/software/S0696/"> Flagpro </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Flame-Flame"> <a href="/versions/v13/software/S0143/"> Flame </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="FLASHFLOOD-FLASHFLOOD"> <a href="/versions/v13/software/S0036/"> FLASHFLOOD </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="FlawedAmmyy-FlawedAmmyy"> <a href="/versions/v13/software/S0381/"> FlawedAmmyy </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="FlawedGrace-FlawedGrace"> <a href="/versions/v13/software/S0383/"> FlawedGrace </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="FlexiSpy-FlexiSpy"> <a href="/versions/v13/software/S0408/"> FlexiSpy </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="FLIPSIDE-FLIPSIDE"> <a href="/versions/v13/software/S0173/"> FLIPSIDE </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="FluBot-FluBot"> <a href="/versions/v13/software/S1067/"> FluBot </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="FoggyWeb-FoggyWeb"> <a href="/versions/v13/software/S0661/"> FoggyWeb </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Forfiles-Forfiles"> <a href="/versions/v13/software/S0193/"> Forfiles </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="FrameworkPOS-FrameworkPOS"> <a href="/versions/v13/software/S0503/"> FrameworkPOS </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="FrozenCell-FrozenCell"> <a href="/versions/v13/software/S0577/"> FrozenCell </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="FruitFly-FruitFly"> <a href="/versions/v13/software/S0277/"> FruitFly </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="ftp-ftp"> <a href="/versions/v13/software/S0095/"> ftp </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="FunnyDream-FunnyDream"> <a href="/versions/v13/software/S1044/"> FunnyDream </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="FYAnti-FYAnti"> <a href="/versions/v13/software/S0628/"> FYAnti </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Fysbis-Fysbis"> <a href="/versions/v13/software/S0410/"> Fysbis </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Gazer-Gazer"> <a href="/versions/v13/software/S0168/"> Gazer </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Gelsemium-Gelsemium"> <a href="/versions/v13/software/S0666/"> Gelsemium </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="GeminiDuke-GeminiDuke"> <a href="/versions/v13/software/S0049/"> GeminiDuke </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Get2-Get2"> <a href="/versions/v13/software/S0460/"> Get2 </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="gh0st RAT-gh0st RAT"> <a href="/versions/v13/software/S0032/"> gh0st RAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Ginp-Ginp"> <a href="/versions/v13/software/S0423/"> Ginp </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="GLOOXMAIL-GLOOXMAIL"> <a href="/versions/v13/software/S0026/"> GLOOXMAIL </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Gold Dragon-Gold Dragon"> <a href="/versions/v13/software/S0249/"> Gold Dragon </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Golden Cup-Golden Cup"> <a href="/versions/v13/software/S0535/"> Golden Cup </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="GoldenEagle-GoldenEagle"> <a href="/versions/v13/software/S0551/"> GoldenEagle </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="GoldenSpy-GoldenSpy"> <a href="/versions/v13/software/S0493/"> GoldenSpy </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="GoldFinder-GoldFinder"> <a href="/versions/v13/software/S0597/"> GoldFinder </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="GoldMax-GoldMax"> <a href="/versions/v13/software/S0588/"> GoldMax </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="GolfSpy-GolfSpy"> <a href="/versions/v13/software/S0421/"> GolfSpy </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Gooligan-Gooligan"> <a href="/versions/v13/software/S0290/"> Gooligan </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Goopy-Goopy"> <a href="/versions/v13/software/S0477/"> Goopy </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="GPlayed-GPlayed"> <a href="/versions/v13/software/S0536/"> GPlayed </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Grandoreiro-Grandoreiro"> <a href="/versions/v13/software/S0531/"> Grandoreiro </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="GravityRAT-GravityRAT"> <a href="/versions/v13/software/S0237/"> GravityRAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Green Lambert-Green Lambert"> <a href="/versions/v13/software/S0690/"> Green Lambert </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="GreyEnergy-GreyEnergy"> <a href="/versions/v13/software/S0342/"> GreyEnergy </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="GRIFFON-GRIFFON"> <a href="/versions/v13/software/S0417/"> GRIFFON </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="GrimAgent-GrimAgent"> <a href="/versions/v13/software/S0632/"> GrimAgent </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="gsecdump-gsecdump"> <a href="/versions/v13/software/S0008/"> gsecdump </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="GuLoader-GuLoader"> <a href="/versions/v13/software/S0561/"> GuLoader </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Gustuff-Gustuff"> <a href="/versions/v13/software/S0406/"> Gustuff </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="H1N1-H1N1"> <a href="/versions/v13/software/S0132/"> H1N1 </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Hacking Team UEFI Rootkit-Hacking Team UEFI Rootkit"> <a href="/versions/v13/software/S0047/"> Hacking Team UEFI Rootkit </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="HALFBAKED-HALFBAKED"> <a href="/versions/v13/software/S0151/"> HALFBAKED </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="HAMMERTOSS-HAMMERTOSS"> <a href="/versions/v13/software/S0037/"> HAMMERTOSS </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Hancitor-Hancitor"> <a href="/versions/v13/software/S0499/"> Hancitor </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="HAPPYWORK-HAPPYWORK"> <a href="/versions/v13/software/S0214/"> HAPPYWORK </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="HARDRAIN-HARDRAIN"> <a href="/versions/v13/software/S0246/"> HARDRAIN </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Havij-Havij"> <a href="/versions/v13/software/S0224/"> Havij </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="HAWKBALL-HAWKBALL"> <a href="/versions/v13/software/S0391/"> HAWKBALL </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="hcdLoader-hcdLoader"> <a href="/versions/v13/software/S0071/"> hcdLoader </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="HDoor-HDoor"> <a href="/versions/v13/software/S0061/"> HDoor </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="HELLOKITTY-HELLOKITTY"> <a href="/versions/v13/software/S0617/"> HELLOKITTY </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Helminth-Helminth"> <a href="/versions/v13/software/S0170/"> Helminth </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="HenBox-HenBox"> <a href="/versions/v13/software/S0544/"> HenBox </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="HermeticWiper-HermeticWiper"> <a href="/versions/v13/software/S0697/"> HermeticWiper </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="HermeticWizard-HermeticWizard"> <a href="/versions/v13/software/S0698/"> HermeticWizard </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Heyoka Backdoor-Heyoka Backdoor"> <a href="/versions/v13/software/S1027/"> Heyoka Backdoor </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Hi-Zor-Hi-Zor"> <a href="/versions/v13/software/S0087/"> Hi-Zor </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="HiddenWasp-HiddenWasp"> <a href="/versions/v13/software/S0394/"> HiddenWasp </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="HIDEDRV-HIDEDRV"> <a href="/versions/v13/software/S0135/"> HIDEDRV </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Hikit-Hikit"> <a href="/versions/v13/software/S0009/"> Hikit </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Hildegard-Hildegard"> <a href="/versions/v13/software/S0601/"> Hildegard </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="HOMEFRY-HOMEFRY"> <a href="/versions/v13/software/S0232/"> HOMEFRY </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="HOPLIGHT-HOPLIGHT"> <a href="/versions/v13/software/S0376/"> HOPLIGHT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="HotCroissant-HotCroissant"> <a href="/versions/v13/software/S0431/"> HotCroissant </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="HTRAN-HTRAN"> <a href="/versions/v13/software/S0040/"> HTRAN </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="HTTPBrowser-HTTPBrowser"> <a href="/versions/v13/software/S0070/"> HTTPBrowser </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="httpclient-httpclient"> <a href="/versions/v13/software/S0068/"> httpclient </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="HummingBad-HummingBad"> <a href="/versions/v13/software/S0322/"> HummingBad </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="HummingWhale-HummingWhale"> <a href="/versions/v13/software/S0321/"> HummingWhale </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Hydraq-Hydraq"> <a href="/versions/v13/software/S0203/"> Hydraq </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="HyperBro-HyperBro"> <a href="/versions/v13/software/S0398/"> HyperBro </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="HyperStack-HyperStack"> <a href="/versions/v13/software/S0537/"> HyperStack </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="IceApple-IceApple"> <a href="/versions/v13/software/S1022/"> IceApple </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="IcedID-IcedID"> <a href="/versions/v13/software/S0483/"> IcedID </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="ifconfig-ifconfig"> <a href="/versions/v13/software/S0101/"> ifconfig </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="iKitten-iKitten"> <a href="/versions/v13/software/S0278/"> iKitten </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Imminent Monitor-Imminent Monitor"> <a href="/versions/v13/software/S0434/"> Imminent Monitor </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Impacket-Impacket"> <a href="/versions/v13/software/S0357/"> Impacket </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="INCONTROLLER-INCONTROLLER"> <a href="/versions/v13/software/S1045/"> INCONTROLLER </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Industroyer-Industroyer"> <a href="/versions/v13/software/S0604/"> Industroyer </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Industroyer2-Industroyer2"> <a href="/versions/v13/software/S1072/"> Industroyer2 </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="InnaputRAT-InnaputRAT"> <a href="/versions/v13/software/S0259/"> InnaputRAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="INSOMNIA-INSOMNIA"> <a href="/versions/v13/software/S0463/"> INSOMNIA </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="InvisiMole-InvisiMole"> <a href="/versions/v13/software/S0260/"> InvisiMole </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Invoke-PSImage-Invoke-PSImage"> <a href="/versions/v13/software/S0231/"> Invoke-PSImage </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="ipconfig-ipconfig"> <a href="/versions/v13/software/S0100/"> ipconfig </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="IronNetInjector-IronNetInjector"> <a href="/versions/v13/software/S0581/"> IronNetInjector </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="ISMInjector-ISMInjector"> <a href="/versions/v13/software/S0189/"> ISMInjector </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Ixeshe-Ixeshe"> <a href="/versions/v13/software/S0015/"> Ixeshe </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Janicab-Janicab"> <a href="/versions/v13/software/S0163/"> Janicab </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Javali-Javali"> <a href="/versions/v13/software/S0528/"> Javali </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="JCry-JCry"> <a href="/versions/v13/software/S0389/"> JCry </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="JHUHUGIT-JHUHUGIT"> <a href="/versions/v13/software/S0044/"> JHUHUGIT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="JPIN-JPIN"> <a href="/versions/v13/software/S0201/"> JPIN </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="jRAT-jRAT"> <a href="/versions/v13/software/S0283/"> jRAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="JSS Loader-JSS Loader"> <a href="/versions/v13/software/S0648/"> JSS Loader </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Judy-Judy"> <a href="/versions/v13/software/S0325/"> Judy </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="KARAE-KARAE"> <a href="/versions/v13/software/S0215/"> KARAE </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Kasidet-Kasidet"> <a href="/versions/v13/software/S0088/"> Kasidet </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Kazuar-Kazuar"> <a href="/versions/v13/software/S0265/"> Kazuar </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Kerrdown-Kerrdown"> <a href="/versions/v13/software/S0585/"> Kerrdown </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Kessel-Kessel"> <a href="/versions/v13/software/S0487/"> Kessel </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Kevin-Kevin"> <a href="/versions/v13/software/S1020/"> Kevin </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="KeyBoy-KeyBoy"> <a href="/versions/v13/software/S0387/"> KeyBoy </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Keydnap-Keydnap"> <a href="/versions/v13/software/S0276/"> Keydnap </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="KEYMARBLE-KEYMARBLE"> <a href="/versions/v13/software/S0271/"> KEYMARBLE </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="KEYPLUG-KEYPLUG"> <a href="/versions/v13/software/S1051/"> KEYPLUG </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="KeyRaider-KeyRaider"> <a href="/versions/v13/software/S0288/"> KeyRaider </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="KGH_SPY-KGH_SPY"> <a href="/versions/v13/software/S0526/"> KGH_SPY </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="KillDisk-KillDisk"> <a href="/versions/v13/software/S0607/"> KillDisk </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Kinsing-Kinsing"> <a href="/versions/v13/software/S0599/"> Kinsing </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Kivars-Kivars"> <a href="/versions/v13/software/S0437/"> Kivars </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Koadic-Koadic"> <a href="/versions/v13/software/S0250/"> Koadic </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Kobalos-Kobalos"> <a href="/versions/v13/software/S0641/"> Kobalos </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="KOCTOPUS-KOCTOPUS"> <a href="/versions/v13/software/S0669/"> KOCTOPUS </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Komplex-Komplex"> <a href="/versions/v13/software/S0162/"> Komplex </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="KOMPROGO-KOMPROGO"> <a href="/versions/v13/software/S0156/"> KOMPROGO </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="KONNI-KONNI"> <a href="/versions/v13/software/S0356/"> KONNI </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Kwampirs-Kwampirs"> <a href="/versions/v13/software/S0236/"> Kwampirs </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="LaZagne-LaZagne"> <a href="/versions/v13/software/S0349/"> LaZagne </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="LightNeuron-LightNeuron"> <a href="/versions/v13/software/S0395/"> LightNeuron </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Linfo-Linfo"> <a href="/versions/v13/software/S0211/"> Linfo </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Linux Rabbit-Linux Rabbit"> <a href="/versions/v13/software/S0362/"> Linux Rabbit </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="LiteDuke-LiteDuke"> <a href="/versions/v13/software/S0513/"> LiteDuke </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="LitePower-LitePower"> <a href="/versions/v13/software/S0680/"> LitePower </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Lizar-Lizar"> <a href="/versions/v13/software/S0681/"> Lizar </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="LockerGoga-LockerGoga"> <a href="/versions/v13/software/S0372/"> LockerGoga </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="LoJax-LoJax"> <a href="/versions/v13/software/S0397/"> LoJax </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Lokibot-Lokibot"> <a href="/versions/v13/software/S0447/"> Lokibot </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="LookBack-LookBack"> <a href="/versions/v13/software/S0582/"> LookBack </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="LoudMiner-LoudMiner"> <a href="/versions/v13/software/S0451/"> LoudMiner </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="LOWBALL-LOWBALL"> <a href="/versions/v13/software/S0042/"> LOWBALL </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Lslsass-Lslsass"> <a href="/versions/v13/software/S0121/"> Lslsass </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Lucifer-Lucifer"> <a href="/versions/v13/software/S0532/"> Lucifer </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Lurid-Lurid"> <a href="/versions/v13/software/S0010/"> Lurid </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Machete-Machete"> <a href="/versions/v13/software/S0409/"> Machete </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="MacMa-MacMa"> <a href="/versions/v13/software/S1016/"> MacMa </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="macOS.OSAMiner-macOS.OSAMiner"> <a href="/versions/v13/software/S1048/"> macOS.OSAMiner </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="MacSpy-MacSpy"> <a href="/versions/v13/software/S0282/"> MacSpy </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Mafalda-Mafalda"> <a href="/versions/v13/software/S1060/"> Mafalda </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="MailSniper-MailSniper"> <a href="/versions/v13/software/S0413/"> MailSniper </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Mandrake-Mandrake"> <a href="/versions/v13/software/S0485/"> Mandrake </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Marcher-Marcher"> <a href="/versions/v13/software/S0317/"> Marcher </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="MarkiRAT-MarkiRAT"> <a href="/versions/v13/software/S0652/"> MarkiRAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Matryoshka-Matryoshka"> <a href="/versions/v13/software/S0167/"> Matryoshka </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="MazarBOT-MazarBOT"> <a href="/versions/v13/software/S0303/"> MazarBOT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Maze-Maze"> <a href="/versions/v13/software/S0449/"> Maze </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="MCMD-MCMD"> <a href="/versions/v13/software/S0500/"> MCMD </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="MechaFlounder-MechaFlounder"> <a href="/versions/v13/software/S0459/"> MechaFlounder </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="meek-meek"> <a href="/versions/v13/software/S0175/"> meek </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="MegaCortex-MegaCortex"> <a href="/versions/v13/software/S0576/"> MegaCortex </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Melcoz-Melcoz"> <a href="/versions/v13/software/S0530/"> Melcoz </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="MESSAGETAP-MESSAGETAP"> <a href="/versions/v13/software/S0443/"> MESSAGETAP </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="metaMain-metaMain"> <a href="/versions/v13/software/S1059/"> metaMain </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Metamorfo-Metamorfo"> <a href="/versions/v13/software/S0455/"> Metamorfo </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Meteor-Meteor"> <a href="/versions/v13/software/S0688/"> Meteor </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Micropsia-Micropsia"> <a href="/versions/v13/software/S0339/"> Micropsia </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Milan-Milan"> <a href="/versions/v13/software/S1015/"> Milan </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Mimikatz-Mimikatz"> <a href="/versions/v13/software/S0002/"> Mimikatz </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="MimiPenguin-MimiPenguin"> <a href="/versions/v13/software/S0179/"> MimiPenguin </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Miner-C-Miner-C"> <a href="/versions/v13/software/S0133/"> Miner-C </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="MiniDuke-MiniDuke"> <a href="/versions/v13/software/S0051/"> MiniDuke </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="MirageFox-MirageFox"> <a href="/versions/v13/software/S0280/"> MirageFox </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Mis-Type-Mis-Type"> <a href="/versions/v13/software/S0084/"> Mis-Type </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Misdat-Misdat"> <a href="/versions/v13/software/S0083/"> Misdat </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Mivast-Mivast"> <a href="/versions/v13/software/S0080/"> Mivast </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="MobileOrder-MobileOrder"> <a href="/versions/v13/software/S0079/"> MobileOrder </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="MoleNet-MoleNet"> <a href="/versions/v13/software/S0553/"> MoleNet </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Mongall-Mongall"> <a href="/versions/v13/software/S1026/"> Mongall </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Monokle-Monokle"> <a href="/versions/v13/software/S0407/"> Monokle </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="MoonWind-MoonWind"> <a href="/versions/v13/software/S0149/"> MoonWind </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="More_eggs-More_eggs"> <a href="/versions/v13/software/S0284/"> More_eggs </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Mori-Mori"> <a href="/versions/v13/software/S1047/"> Mori </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Mosquito-Mosquito"> <a href="/versions/v13/software/S0256/"> Mosquito </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="MURKYTOP-MURKYTOP"> <a href="/versions/v13/software/S0233/"> MURKYTOP </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Mythic-Mythic"> <a href="/versions/v13/software/S0699/"> Mythic </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Naid-Naid"> <a href="/versions/v13/software/S0205/"> Naid </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="NanHaiShu-NanHaiShu"> <a href="/versions/v13/software/S0228/"> NanHaiShu </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="NanoCore-NanoCore"> <a href="/versions/v13/software/S0336/"> NanoCore </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="NativeZone-NativeZone"> <a href="/versions/v13/software/S0637/"> NativeZone </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="NavRAT-NavRAT"> <a href="/versions/v13/software/S0247/"> NavRAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="NBTscan-NBTscan"> <a href="/versions/v13/software/S0590/"> NBTscan </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="nbtstat-nbtstat"> <a href="/versions/v13/software/S0102/"> nbtstat </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="NDiskMonitor-NDiskMonitor"> <a href="/versions/v13/software/S0272/"> NDiskMonitor </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Nebulae-Nebulae"> <a href="/versions/v13/software/S0630/"> Nebulae </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Neoichor-Neoichor"> <a href="/versions/v13/software/S0691/"> Neoichor </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Nerex-Nerex"> <a href="/versions/v13/software/S0210/"> Nerex </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Net-Net"> <a href="/versions/v13/software/S0039/"> Net </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Net Crawler-Net Crawler"> <a href="/versions/v13/software/S0056/"> Net Crawler </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="NETEAGLE-NETEAGLE"> <a href="/versions/v13/software/S0034/"> NETEAGLE </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="netsh-netsh"> <a href="/versions/v13/software/S0108/"> netsh </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="netstat-netstat"> <a href="/versions/v13/software/S0104/"> netstat </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="NetTraveler-NetTraveler"> <a href="/versions/v13/software/S0033/"> NetTraveler </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Netwalker-Netwalker"> <a href="/versions/v13/software/S0457/"> Netwalker </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="NETWIRE-NETWIRE"> <a href="/versions/v13/software/S0198/"> NETWIRE </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Ngrok-Ngrok"> <a href="/versions/v13/software/S0508/"> Ngrok </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Nidiran-Nidiran"> <a href="/versions/v13/software/S0118/"> Nidiran </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="njRAT-njRAT"> <a href="/versions/v13/software/S0385/"> njRAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Nltest-Nltest"> <a href="/versions/v13/software/S0359/"> Nltest </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="NOKKI-NOKKI"> <a href="/versions/v13/software/S0353/"> NOKKI </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="NotCompatible-NotCompatible"> <a href="/versions/v13/software/S0299/"> NotCompatible </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="NotPetya-NotPetya"> <a href="/versions/v13/software/S0368/"> NotPetya </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="OBAD-OBAD"> <a href="/versions/v13/software/S0286/"> OBAD </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="ObliqueRAT-ObliqueRAT"> <a href="/versions/v13/software/S0644/"> ObliqueRAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="OceanSalt-OceanSalt"> <a href="/versions/v13/software/S0346/"> OceanSalt </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Octopus-Octopus"> <a href="/versions/v13/software/S0340/"> Octopus </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Okrum-Okrum"> <a href="/versions/v13/software/S0439/"> Okrum </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="OLDBAIT-OLDBAIT"> <a href="/versions/v13/software/S0138/"> OLDBAIT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="OldBoot-OldBoot"> <a href="/versions/v13/software/S0285/"> OldBoot </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Olympic Destroyer-Olympic Destroyer"> <a href="/versions/v13/software/S0365/"> Olympic Destroyer </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="OnionDuke-OnionDuke"> <a href="/versions/v13/software/S0052/"> OnionDuke </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="OopsIE-OopsIE"> <a href="/versions/v13/software/S0264/"> OopsIE </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Orz-Orz"> <a href="/versions/v13/software/S0229/"> Orz </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="OSInfo-OSInfo"> <a href="/versions/v13/software/S0165/"> OSInfo </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="OSX/Shlayer-OSX/Shlayer"> <a href="/versions/v13/software/S0402/"> OSX/Shlayer </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="OSX_OCEANLOTUS.D-OSX_OCEANLOTUS.D"> <a href="/versions/v13/software/S0352/"> OSX_OCEANLOTUS.D </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Out1-Out1"> <a href="/versions/v13/software/S0594/"> Out1 </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="OutSteel-OutSteel"> <a href="/versions/v13/software/S1017/"> OutSteel </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="OwaAuth-OwaAuth"> <a href="/versions/v13/software/S0072/"> OwaAuth </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="P.A.S. Webshell-P.A.S. Webshell"> <a href="/versions/v13/software/S0598/"> P.A.S. Webshell </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="P2P ZeuS-P2P ZeuS"> <a href="/versions/v13/software/S0016/"> P2P ZeuS </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="P8RAT-P8RAT"> <a href="/versions/v13/software/S0626/"> P8RAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Pallas-Pallas"> <a href="/versions/v13/software/S0399/"> Pallas </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Pandora-Pandora"> <a href="/versions/v13/software/S0664/"> Pandora </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Pasam-Pasam"> <a href="/versions/v13/software/S0208/"> Pasam </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Pass-The-Hash Toolkit-Pass-The-Hash Toolkit"> <a href="/versions/v13/software/S0122/"> Pass-The-Hash Toolkit </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Pay2Key-Pay2Key"> <a href="/versions/v13/software/S0556/"> Pay2Key </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="PcShare-PcShare"> <a href="/versions/v13/software/S1050/"> PcShare </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Pegasus for Android-Pegasus for Android"> <a href="/versions/v13/software/S0316/"> Pegasus for Android </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Pegasus for iOS-Pegasus for iOS"> <a href="/versions/v13/software/S0289/"> Pegasus for iOS </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Peirates-Peirates"> <a href="/versions/v13/software/S0683/"> Peirates </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Penquin-Penquin"> <a href="/versions/v13/software/S0587/"> Penquin </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Peppy-Peppy"> <a href="/versions/v13/software/S0643/"> Peppy </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="PHOREAL-PHOREAL"> <a href="/versions/v13/software/S0158/"> PHOREAL </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Pillowmint-Pillowmint"> <a href="/versions/v13/software/S0517/"> Pillowmint </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="PinchDuke-PinchDuke"> <a href="/versions/v13/software/S0048/"> PinchDuke </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Ping-Ping"> <a href="/versions/v13/software/S0097/"> Ping </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="PingPull-PingPull"> <a href="/versions/v13/software/S1031/"> PingPull </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="PipeMon-PipeMon"> <a href="/versions/v13/software/S0501/"> PipeMon </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Pisloader-Pisloader"> <a href="/versions/v13/software/S0124/"> Pisloader </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="PJApps-PJApps"> <a href="/versions/v13/software/S0291/"> PJApps </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="PLAINTEE-PLAINTEE"> <a href="/versions/v13/software/S0254/"> PLAINTEE </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="PLC-Blaster-PLC-Blaster"> <a href="/versions/v13/software/S1006/"> PLC-Blaster </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="PLEAD-PLEAD"> <a href="/versions/v13/software/S0435/"> PLEAD </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="PlugX-PlugX"> <a href="/versions/v13/software/S0013/"> PlugX </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="pngdowner-pngdowner"> <a href="/versions/v13/software/S0067/"> pngdowner </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="PoetRAT-PoetRAT"> <a href="/versions/v13/software/S0428/"> PoetRAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="PoisonIvy-PoisonIvy"> <a href="/versions/v13/software/S0012/"> PoisonIvy </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="PolyglotDuke-PolyglotDuke"> <a href="/versions/v13/software/S0518/"> PolyglotDuke </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Pony-Pony"> <a href="/versions/v13/software/S0453/"> Pony </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="POORAIM-POORAIM"> <a href="/versions/v13/software/S0216/"> POORAIM </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="PoshC2-PoshC2"> <a href="/versions/v13/software/S0378/"> PoshC2 </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="POSHSPY-POSHSPY"> <a href="/versions/v13/software/S0150/"> POSHSPY </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Power Loader-Power Loader"> <a href="/versions/v13/software/S0177/"> Power Loader </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="PowerDuke-PowerDuke"> <a href="/versions/v13/software/S0139/"> PowerDuke </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="PowerLess-PowerLess"> <a href="/versions/v13/software/S1012/"> PowerLess </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="PowerPunch-PowerPunch"> <a href="/versions/v13/software/S0685/"> PowerPunch </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="PowerShower-PowerShower"> <a href="/versions/v13/software/S0441/"> PowerShower </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="POWERSOURCE-POWERSOURCE"> <a href="/versions/v13/software/S0145/"> POWERSOURCE </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="PowerSploit-PowerSploit"> <a href="/versions/v13/software/S0194/"> PowerSploit </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="PowerStallion-PowerStallion"> <a href="/versions/v13/software/S0393/"> PowerStallion </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="POWERSTATS-POWERSTATS"> <a href="/versions/v13/software/S0223/"> POWERSTATS </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="POWERTON-POWERTON"> <a href="/versions/v13/software/S0371/"> POWERTON </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="PowGoop-PowGoop"> <a href="/versions/v13/software/S1046/"> PowGoop </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="POWRUNER-POWRUNER"> <a href="/versions/v13/software/S0184/"> POWRUNER </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Prestige-Prestige"> <a href="/versions/v13/software/S1058/"> Prestige </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Prikormka-Prikormka"> <a href="/versions/v13/software/S0113/"> Prikormka </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="ProLock-ProLock"> <a href="/versions/v13/software/S0654/"> ProLock </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Proton-Proton"> <a href="/versions/v13/software/S0279/"> Proton </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Proxysvc-Proxysvc"> <a href="/versions/v13/software/S0238/"> Proxysvc </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="PS1-PS1"> <a href="/versions/v13/software/S0613/"> PS1 </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="PsExec-PsExec"> <a href="/versions/v13/software/S0029/"> PsExec </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Psylo-Psylo"> <a href="/versions/v13/software/S0078/"> Psylo </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Pteranodon-Pteranodon"> <a href="/versions/v13/software/S0147/"> Pteranodon </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="PUNCHBUGGY-PUNCHBUGGY"> <a href="/versions/v13/software/S0196/"> PUNCHBUGGY </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="PUNCHTRACK-PUNCHTRACK"> <a href="/versions/v13/software/S0197/"> PUNCHTRACK </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Pupy-Pupy"> <a href="/versions/v13/software/S0192/"> Pupy </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="pwdump-pwdump"> <a href="/versions/v13/software/S0006/"> pwdump </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="PyDCrypt-PyDCrypt"> <a href="/versions/v13/software/S1032/"> PyDCrypt </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Pysa-Pysa"> <a href="/versions/v13/software/S0583/"> Pysa </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="QakBot-QakBot"> <a href="/versions/v13/software/S0650/"> QakBot </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="QUADAGENT-QUADAGENT"> <a href="/versions/v13/software/S0269/"> QUADAGENT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="QuasarRAT-QuasarRAT"> <a href="/versions/v13/software/S0262/"> QuasarRAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="QuietSieve-QuietSieve"> <a href="/versions/v13/software/S0686/"> QuietSieve </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Ragnar Locker-Ragnar Locker"> <a href="/versions/v13/software/S0481/"> Ragnar Locker </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Raindrop-Raindrop"> <a href="/versions/v13/software/S0565/"> Raindrop </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="RainyDay-RainyDay"> <a href="/versions/v13/software/S0629/"> RainyDay </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Ramsay-Ramsay"> <a href="/versions/v13/software/S0458/"> Ramsay </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="RARSTONE-RARSTONE"> <a href="/versions/v13/software/S0055/"> RARSTONE </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="RATANKBA-RATANKBA"> <a href="/versions/v13/software/S0241/"> RATANKBA </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="RawDisk-RawDisk"> <a href="/versions/v13/software/S0364/"> RawDisk </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="RawPOS-RawPOS"> <a href="/versions/v13/software/S0169/"> RawPOS </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Rclone-Rclone"> <a href="/versions/v13/software/S1040/"> Rclone </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="RCSAndroid-RCSAndroid"> <a href="/versions/v13/software/S0295/"> RCSAndroid </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="RCSession-RCSession"> <a href="/versions/v13/software/S0662/"> RCSession </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="RDAT-RDAT"> <a href="/versions/v13/software/S0495/"> RDAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="RDFSNIFFER-RDFSNIFFER"> <a href="/versions/v13/software/S0416/"> RDFSNIFFER </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Reaver-Reaver"> <a href="/versions/v13/software/S0172/"> Reaver </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Red Alert 2.0-Red Alert 2.0"> <a href="/versions/v13/software/S0539/"> Red Alert 2.0 </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="RedDrop-RedDrop"> <a href="/versions/v13/software/S0326/"> RedDrop </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="RedLeaves-RedLeaves"> <a href="/versions/v13/software/S0153/"> RedLeaves </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Reg-Reg"> <a href="/versions/v13/software/S0075/"> Reg </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="RegDuke-RegDuke"> <a href="/versions/v13/software/S0511/"> RegDuke </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Regin-Regin"> <a href="/versions/v13/software/S0019/"> Regin </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Remcos-Remcos"> <a href="/versions/v13/software/S0332/"> Remcos </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Remexi-Remexi"> <a href="/versions/v13/software/S0375/"> Remexi </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="RemoteCMD-RemoteCMD"> <a href="/versions/v13/software/S0166/"> RemoteCMD </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="RemoteUtilities-RemoteUtilities"> <a href="/versions/v13/software/S0592/"> RemoteUtilities </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Remsec-Remsec"> <a href="/versions/v13/software/S0125/"> Remsec </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Responder-Responder"> <a href="/versions/v13/software/S0174/"> Responder </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Revenge RAT-Revenge RAT"> <a href="/versions/v13/software/S0379/"> Revenge RAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="REvil-REvil"> <a href="/versions/v13/software/S0496/"> REvil </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="RGDoor-RGDoor"> <a href="/versions/v13/software/S0258/"> RGDoor </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Rifdoor-Rifdoor"> <a href="/versions/v13/software/S0433/"> Rifdoor </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Riltok-Riltok"> <a href="/versions/v13/software/S0403/"> Riltok </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="RIPTIDE-RIPTIDE"> <a href="/versions/v13/software/S0003/"> RIPTIDE </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Rising Sun-Rising Sun"> <a href="/versions/v13/software/S0448/"> Rising Sun </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="ROADTools-ROADTools"> <a href="/versions/v13/software/S0684/"> ROADTools </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="RobbinHood-RobbinHood"> <a href="/versions/v13/software/S0400/"> RobbinHood </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="ROCKBOOT-ROCKBOOT"> <a href="/versions/v13/software/S0112/"> ROCKBOOT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="RogueRobin-RogueRobin"> <a href="/versions/v13/software/S0270/"> RogueRobin </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="ROKRAT-ROKRAT"> <a href="/versions/v13/software/S0240/"> ROKRAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Rotexy-Rotexy"> <a href="/versions/v13/software/S0411/"> Rotexy </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="route-route"> <a href="/versions/v13/software/S0103/"> route </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Rover-Rover"> <a href="/versions/v13/software/S0090/"> Rover </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Royal-Royal"> <a href="/versions/v13/software/S1073/"> Royal </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="RTM-RTM"> <a href="/versions/v13/software/S0148/"> RTM </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Rubeus-Rubeus"> <a href="/versions/v13/software/S1071/"> Rubeus </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Ruler-Ruler"> <a href="/versions/v13/software/S0358/"> Ruler </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="RuMMS-RuMMS"> <a href="/versions/v13/software/S0313/"> RuMMS </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="RunningRAT-RunningRAT"> <a href="/versions/v13/software/S0253/"> RunningRAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Ryuk-Ryuk"> <a href="/versions/v13/software/S0446/"> Ryuk </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="S-Type-S-Type"> <a href="/versions/v13/software/S0085/"> S-Type </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="S.O.V.A.-S.O.V.A."> <a href="/versions/v13/software/S1062/"> S.O.V.A. </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Saint Bot-Saint Bot"> <a href="/versions/v13/software/S1018/"> Saint Bot </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Sakula-Sakula"> <a href="/versions/v13/software/S0074/"> Sakula </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="SamSam-SamSam"> <a href="/versions/v13/software/S0370/"> SamSam </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="schtasks-schtasks"> <a href="/versions/v13/software/S0111/"> schtasks </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="SDBbot-SDBbot"> <a href="/versions/v13/software/S0461/"> SDBbot </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="SDelete-SDelete"> <a href="/versions/v13/software/S0195/"> SDelete </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="SeaDuke-SeaDuke"> <a href="/versions/v13/software/S0053/"> SeaDuke </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Seasalt-Seasalt"> <a href="/versions/v13/software/S0345/"> Seasalt </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="SEASHARPEE-SEASHARPEE"> <a href="/versions/v13/software/S0185/"> SEASHARPEE </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="ServHelper-ServHelper"> <a href="/versions/v13/software/S0382/"> ServHelper </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Seth-Locker-Seth-Locker"> <a href="/versions/v13/software/S0639/"> Seth-Locker </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="ShadowPad-ShadowPad"> <a href="/versions/v13/software/S0596/"> ShadowPad </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Shamoon-Shamoon"> <a href="/versions/v13/software/S0140/"> Shamoon </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Shark-Shark"> <a href="/versions/v13/software/S1019/"> Shark </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="SharkBot-SharkBot"> <a href="/versions/v13/software/S1055/"> SharkBot </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="SharpStage-SharpStage"> <a href="/versions/v13/software/S0546/"> SharpStage </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="SHARPSTATS-SHARPSTATS"> <a href="/versions/v13/software/S0450/"> SHARPSTATS </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="ShiftyBug-ShiftyBug"> <a href="/versions/v13/software/S0294/"> ShiftyBug </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="ShimRat-ShimRat"> <a href="/versions/v13/software/S0444/"> ShimRat </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="ShimRatReporter-ShimRatReporter"> <a href="/versions/v13/software/S0445/"> ShimRatReporter </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="SHIPSHAPE-SHIPSHAPE"> <a href="/versions/v13/software/S0028/"> SHIPSHAPE </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="SHOTPUT-SHOTPUT"> <a href="/versions/v13/software/S0063/"> SHOTPUT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="SHUTTERSPEED-SHUTTERSPEED"> <a href="/versions/v13/software/S0217/"> SHUTTERSPEED </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Sibot-Sibot"> <a href="/versions/v13/software/S0589/"> Sibot </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="SideTwist-SideTwist"> <a href="/versions/v13/software/S0610/"> SideTwist </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="SILENTTRINITY-SILENTTRINITY"> <a href="/versions/v13/software/S0692/"> SILENTTRINITY </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="SilkBean-SilkBean"> <a href="/versions/v13/software/S0549/"> SilkBean </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Siloscape-Siloscape"> <a href="/versions/v13/software/S0623/"> Siloscape </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="SimBad-SimBad"> <a href="/versions/v13/software/S0419/"> SimBad </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Skeleton Key-Skeleton Key"> <a href="/versions/v13/software/S0007/"> Skeleton Key </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Skidmap-Skidmap"> <a href="/versions/v13/software/S0468/"> Skidmap </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Skygofree-Skygofree"> <a href="/versions/v13/software/S0327/"> Skygofree </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Sliver-Sliver"> <a href="/versions/v13/software/S0633/"> Sliver </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="SLOTHFULMEDIA-SLOTHFULMEDIA"> <a href="/versions/v13/software/S0533/"> SLOTHFULMEDIA </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="SLOWDRIFT-SLOWDRIFT"> <a href="/versions/v13/software/S0218/"> SLOWDRIFT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Small Sieve-Small Sieve"> <a href="/versions/v13/software/S1035/"> Small Sieve </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Smoke Loader-Smoke Loader"> <a href="/versions/v13/software/S0226/"> Smoke Loader </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="SMOKEDHAM-SMOKEDHAM"> <a href="/versions/v13/software/S0649/"> SMOKEDHAM </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="SNUGRIDE-SNUGRIDE"> <a href="/versions/v13/software/S0159/"> SNUGRIDE </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Socksbot-Socksbot"> <a href="/versions/v13/software/S0273/"> Socksbot </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="SodaMaster-SodaMaster"> <a href="/versions/v13/software/S0627/"> SodaMaster </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="SombRAT-SombRAT"> <a href="/versions/v13/software/S0615/"> SombRAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="SoreFang-SoreFang"> <a href="/versions/v13/software/S0516/"> SoreFang </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="SOUNDBITE-SOUNDBITE"> <a href="/versions/v13/software/S0157/"> SOUNDBITE </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="SPACESHIP-SPACESHIP"> <a href="/versions/v13/software/S0035/"> SPACESHIP </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Spark-Spark"> <a href="/versions/v13/software/S0543/"> Spark </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="SpeakUp-SpeakUp"> <a href="/versions/v13/software/S0374/"> SpeakUp </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="SpicyOmelette-SpicyOmelette"> <a href="/versions/v13/software/S0646/"> SpicyOmelette </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="spwebmember-spwebmember"> <a href="/versions/v13/software/S0227/"> spwebmember </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="SpyDealer-SpyDealer"> <a href="/versions/v13/software/S0324/"> SpyDealer </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="SpyNote RAT-SpyNote RAT"> <a href="/versions/v13/software/S0305/"> SpyNote RAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="sqlmap-sqlmap"> <a href="/versions/v13/software/S0225/"> sqlmap </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="SQLRat-SQLRat"> <a href="/versions/v13/software/S0390/"> SQLRat </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Squirrelwaffle-Squirrelwaffle"> <a href="/versions/v13/software/S1030/"> Squirrelwaffle </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="SslMM-SslMM"> <a href="/versions/v13/software/S0058/"> SslMM </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Starloader-Starloader"> <a href="/versions/v13/software/S0188/"> Starloader </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="STARWHALE-STARWHALE"> <a href="/versions/v13/software/S1037/"> STARWHALE </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Stealth Mango-Stealth Mango"> <a href="/versions/v13/software/S0328/"> Stealth Mango </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="StoneDrill-StoneDrill"> <a href="/versions/v13/software/S0380/"> StoneDrill </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="StreamEx-StreamEx"> <a href="/versions/v13/software/S0142/"> StreamEx </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="StrifeWater-StrifeWater"> <a href="/versions/v13/software/S1034/"> StrifeWater </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="StrongPity-StrongPity"> <a href="/versions/v13/software/S0491/"> StrongPity </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Stuxnet-Stuxnet"> <a href="/versions/v13/software/S0603/"> Stuxnet </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="SUGARDUMP-SUGARDUMP"> <a href="/versions/v13/software/S1042/"> SUGARDUMP </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="SUGARUSH-SUGARUSH"> <a href="/versions/v13/software/S1049/"> SUGARUSH </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="SUNBURST-SUNBURST"> <a href="/versions/v13/software/S0559/"> SUNBURST </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="SUNSPOT-SUNSPOT"> <a href="/versions/v13/software/S0562/"> SUNSPOT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="SUPERNOVA-SUPERNOVA"> <a href="/versions/v13/software/S0578/"> SUPERNOVA </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="SVCReady-SVCReady"> <a href="/versions/v13/software/S1064/"> SVCReady </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Sykipot-Sykipot"> <a href="/versions/v13/software/S0018/"> Sykipot </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="SynAck-SynAck"> <a href="/versions/v13/software/S0242/"> SynAck </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="SYNful Knock-SYNful Knock"> <a href="/versions/v13/software/S0519/"> SYNful Knock </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Sys10-Sys10"> <a href="/versions/v13/software/S0060/"> Sys10 </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="SYSCON-SYSCON"> <a href="/versions/v13/software/S0464/"> SYSCON </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Systeminfo-Systeminfo"> <a href="/versions/v13/software/S0096/"> Systeminfo </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="SysUpdate-SysUpdate"> <a href="/versions/v13/software/S0663/"> SysUpdate </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="T9000-T9000"> <a href="/versions/v13/software/S0098/"> T9000 </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Taidoor-Taidoor"> <a href="/versions/v13/software/S0011/"> Taidoor </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="TAINTEDSCRIBE-TAINTEDSCRIBE"> <a href="/versions/v13/software/S0586/"> TAINTEDSCRIBE </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="TajMahal-TajMahal"> <a href="/versions/v13/software/S0467/"> TajMahal </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Tangelo-Tangelo"> <a href="/versions/v13/software/S0329/"> Tangelo </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="TangleBot-TangleBot"> <a href="/versions/v13/software/S1069/"> TangleBot </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Tarrask-Tarrask"> <a href="/versions/v13/software/S1011/"> Tarrask </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Tasklist-Tasklist"> <a href="/versions/v13/software/S0057/"> Tasklist </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="TDTESS-TDTESS"> <a href="/versions/v13/software/S0164/"> TDTESS </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="TEARDROP-TEARDROP"> <a href="/versions/v13/software/S0560/"> TEARDROP </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="TERRACOTTA-TERRACOTTA"> <a href="/versions/v13/software/S0545/"> TERRACOTTA </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="TEXTMATE-TEXTMATE"> <a href="/versions/v13/software/S0146/"> TEXTMATE </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="ThiefQuest-ThiefQuest"> <a href="/versions/v13/software/S0595/"> ThiefQuest </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="ThreatNeedle-ThreatNeedle"> <a href="/versions/v13/software/S0665/"> ThreatNeedle </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="TianySpy-TianySpy"> <a href="/versions/v13/software/S1056/"> TianySpy </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Tiktok Pro-Tiktok Pro"> <a href="/versions/v13/software/S0558/"> Tiktok Pro </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="TinyTurla-TinyTurla"> <a href="/versions/v13/software/S0668/"> TinyTurla </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="TINYTYPHON-TINYTYPHON"> <a href="/versions/v13/software/S0131/"> TINYTYPHON </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="TinyZBot-TinyZBot"> <a href="/versions/v13/software/S0004/"> TinyZBot </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Tomiris-Tomiris"> <a href="/versions/v13/software/S0671/"> Tomiris </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Tor-Tor"> <a href="/versions/v13/software/S0183/"> Tor </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Torisma-Torisma"> <a href="/versions/v13/software/S0678/"> Torisma </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="TrailBlazer-TrailBlazer"> <a href="/versions/v13/software/S0682/"> TrailBlazer </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Triada-Triada"> <a href="/versions/v13/software/S0424/"> Triada </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="TrickBot-TrickBot"> <a href="/versions/v13/software/S0266/"> TrickBot </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="TrickMo-TrickMo"> <a href="/versions/v13/software/S0427/"> TrickMo </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Triton-Triton"> <a href="/versions/v13/software/S1009/"> Triton </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Trojan-SMS.AndroidOS.Agent.ao-Trojan-SMS.AndroidOS.Agent.ao"> <a href="/versions/v13/software/S0307/"> Trojan-SMS.AndroidOS.Agent.ao </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Trojan-SMS.AndroidOS.FakeInst.a-Trojan-SMS.AndroidOS.FakeInst.a"> <a href="/versions/v13/software/S0306/"> Trojan-SMS.AndroidOS.FakeInst.a </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Trojan-SMS.AndroidOS.OpFake.a-Trojan-SMS.AndroidOS.OpFake.a"> <a href="/versions/v13/software/S0308/"> Trojan-SMS.AndroidOS.OpFake.a </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Trojan.Karagany-Trojan.Karagany"> <a href="/versions/v13/software/S0094/"> Trojan.Karagany </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Trojan.Mebromi-Trojan.Mebromi"> <a href="/versions/v13/software/S0001/"> Trojan.Mebromi </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Truvasys-Truvasys"> <a href="/versions/v13/software/S0178/"> Truvasys </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="TSCookie-TSCookie"> <a href="/versions/v13/software/S0436/"> TSCookie </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Turian-Turian"> <a href="/versions/v13/software/S0647/"> Turian </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="TURNEDUP-TURNEDUP"> <a href="/versions/v13/software/S0199/"> TURNEDUP </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Twitoor-Twitoor"> <a href="/versions/v13/software/S0302/"> Twitoor </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="TYPEFRAME-TYPEFRAME"> <a href="/versions/v13/software/S0263/"> TYPEFRAME </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="UACMe-UACMe"> <a href="/versions/v13/software/S0116/"> UACMe </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="UBoatRAT-UBoatRAT"> <a href="/versions/v13/software/S0333/"> UBoatRAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Umbreon-Umbreon"> <a href="/versions/v13/software/S0221/"> Umbreon </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Unknown Logger-Unknown Logger"> <a href="/versions/v13/software/S0130/"> Unknown Logger </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="UPPERCUT-UPPERCUT"> <a href="/versions/v13/software/S0275/"> UPPERCUT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Uroburos-Uroburos"> <a href="/versions/v13/software/S0022/"> Uroburos </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Ursnif-Ursnif"> <a href="/versions/v13/software/S0386/"> Ursnif </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="USBferry-USBferry"> <a href="/versions/v13/software/S0452/"> USBferry </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="USBStealer-USBStealer"> <a href="/versions/v13/software/S0136/"> USBStealer </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Valak-Valak"> <a href="/versions/v13/software/S0476/"> Valak </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="VaporRage-VaporRage"> <a href="/versions/v13/software/S0636/"> VaporRage </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Vasport-Vasport"> <a href="/versions/v13/software/S0207/"> Vasport </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="VBShower-VBShower"> <a href="/versions/v13/software/S0442/"> VBShower </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="VERMIN-VERMIN"> <a href="/versions/v13/software/S0257/"> VERMIN </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="ViceLeaker-ViceLeaker"> <a href="/versions/v13/software/S0418/"> ViceLeaker </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="ViperRAT-ViperRAT"> <a href="/versions/v13/software/S0506/"> ViperRAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Volgmer-Volgmer"> <a href="/versions/v13/software/S0180/"> Volgmer </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="VPNFilter-VPNFilter"> <a href="/versions/v13/software/S1010/"> VPNFilter </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="WannaCry-WannaCry"> <a href="/versions/v13/software/S0366/"> WannaCry </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="WarzoneRAT-WarzoneRAT"> <a href="/versions/v13/software/S0670/"> WarzoneRAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="WastedLocker-WastedLocker"> <a href="/versions/v13/software/S0612/"> WastedLocker </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Waterbear-Waterbear"> <a href="/versions/v13/software/S0579/"> Waterbear </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="WEBC2-WEBC2"> <a href="/versions/v13/software/S0109/"> WEBC2 </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="WellMail-WellMail"> <a href="/versions/v13/software/S0515/"> WellMail </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="WellMess-WellMess"> <a href="/versions/v13/software/S0514/"> WellMess </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Wevtutil-Wevtutil"> <a href="/versions/v13/software/S0645/"> Wevtutil </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="WhisperGate-WhisperGate"> <a href="/versions/v13/software/S0689/"> WhisperGate </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Wiarp-Wiarp"> <a href="/versions/v13/software/S0206/"> Wiarp </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Windows Credential Editor-Windows Credential Editor"> <a href="/versions/v13/software/S0005/"> Windows Credential Editor </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="WINDSHIELD-WINDSHIELD"> <a href="/versions/v13/software/S0155/"> WINDSHIELD </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="WindTail-WindTail"> <a href="/versions/v13/software/S0466/"> WindTail </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="WINERACK-WINERACK"> <a href="/versions/v13/software/S0219/"> WINERACK </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Winexe-Winexe"> <a href="/versions/v13/software/S0191/"> Winexe </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Wingbird-Wingbird"> <a href="/versions/v13/software/S0176/"> Wingbird </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="WinMM-WinMM"> <a href="/versions/v13/software/S0059/"> WinMM </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Winnti for Linux-Winnti for Linux"> <a href="/versions/v13/software/S0430/"> Winnti for Linux </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Winnti for Windows-Winnti for Windows"> <a href="/versions/v13/software/S0141/"> Winnti for Windows </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Wiper-Wiper"> <a href="/versions/v13/software/S0041/"> Wiper </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="WireLurker-WireLurker"> <a href="/versions/v13/software/S0312/"> WireLurker </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="WolfRAT-WolfRAT"> <a href="/versions/v13/software/S0489/"> WolfRAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Woody RAT-Woody RAT"> <a href="/versions/v13/software/S1065/"> Woody RAT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="X-Agent for Android-X-Agent for Android"> <a href="/versions/v13/software/S0314/"> X-Agent for Android </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="XAgentOSX-XAgentOSX"> <a href="/versions/v13/software/S0161/"> XAgentOSX </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Xbash-Xbash"> <a href="/versions/v13/software/S0341/"> Xbash </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Xbot-Xbot"> <a href="/versions/v13/software/S0298/"> Xbot </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="xCaon-xCaon"> <a href="/versions/v13/software/S0653/"> xCaon </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="xCmd-xCmd"> <a href="/versions/v13/software/S0123/"> xCmd </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="XcodeGhost-XcodeGhost"> <a href="/versions/v13/software/S0297/"> XcodeGhost </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="XCSSET-XCSSET"> <a href="/versions/v13/software/S0658/"> XCSSET </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="XLoader for Android-XLoader for Android"> <a href="/versions/v13/software/S0318/"> XLoader for Android </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="XLoader for iOS-XLoader for iOS"> <a href="/versions/v13/software/S0490/"> XLoader for iOS </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="XTunnel-XTunnel"> <a href="/versions/v13/software/S0117/"> XTunnel </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="YAHOYAH-YAHOYAH"> <a href="/versions/v13/software/S0388/"> YAHOYAH </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="YiSpecter-YiSpecter"> <a href="/versions/v13/software/S0311/"> YiSpecter </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="yty-yty"> <a href="/versions/v13/software/S0248/"> yty </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Zebrocy-Zebrocy"> <a href="/versions/v13/software/S0251/"> Zebrocy </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Zen-Zen"> <a href="/versions/v13/software/S0494/"> Zen </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="ZergHelper-ZergHelper"> <a href="/versions/v13/software/S0287/"> ZergHelper </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Zeroaccess-Zeroaccess"> <a href="/versions/v13/software/S0027/"> Zeroaccess </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="ZeroT-ZeroT"> <a href="/versions/v13/software/S0230/"> ZeroT </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Zeus Panda-Zeus Panda"> <a href="/versions/v13/software/S0330/"> Zeus Panda </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="ZLib-ZLib"> <a href="/versions/v13/software/S0086/"> ZLib </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="Zox-Zox"> <a href="/versions/v13/software/S0672/"> Zox </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="zwShell-zwShell"> <a href="/versions/v13/software/S0350/"> zwShell </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="ZxShell-ZxShell"> <a href="/versions/v13/software/S0412/"> ZxShell </a> </div> </div> <div class="sidenav"> <div class="sidenav-head " id="ZxxZ-ZxxZ"> <a href="/versions/v13/software/S1013/"> ZxxZ </a> </div> </div> </div> </div> </div> </div> <!--start-indexing-for-search--> </div> <div class="tab-content col-xl-9 col-lg-9 col-md-8 pt-4" id="v-tabContent"> <div class="tab-pane fade show active" id="v-attckmatrix" role="tabpanel" aria-labelledby="v-attckmatrix-tab"> <ol class="breadcrumb"> <li class="breadcrumb-item"><a href="/versions/v13/">Home</a></li> <li class="breadcrumb-item"><a href="/versions/v13/software/">Software</a></li> <li class="breadcrumb-item">Backdoor.Oldrea</li> </ol> <div class="tab-pane fade show active" id="v-" role="tabpanel" aria-labelledby="v--tab"></div> <div class="row"> <div class="col-xl-12"> <div class="jumbotron jumbotron-fluid"> <div class="container-fluid"> <h1> Backdoor.Oldrea </h1> <div class="row"> <div class="col-md-8"> <div class="description-body"> <p><a href="/versions/v13/software/S0093">Backdoor.Oldrea</a> is a modular backdoor that used by <a href="/versions/v13/groups/G0035">Dragonfly</a> against energy companies since at least 2013. <a href="/versions/v13/software/S0093">Backdoor.Oldrea</a> was distributed via supply chain compromise, and included specialized modules to enumerate and map ICS-specific systems, processes, and protocols.<span onclick=scrollToRef('scite-1') id="scite-ref-1-a" class="scite-citeref-number" data-reference="Symantec Dragonfly">^{<a href="https://community.broadcom.com/symantecenterprise/communities/community-home/librarydocuments/viewdocument?DocumentKey=7382dce7-0260-4782-84cc-890971ed3f17&CommunityKey=1ecf5f55-9545-44d6-b0f4-4e4a7f5f5e68&tab=librarydocuments" target="_blank" data-hasqtip="0" aria-describedby="qtip-0">[1]</a>}</span><span onclick=scrollToRef('scite-2') id="scite-ref-2-a" class="scite-citeref-number" data-reference="Gigamon Berserk Bear October 2021">^{<a href="https://vblocalhost.com/uploads/VB2021-Slowik.pdf" target="_blank" data-hasqtip="1" aria-describedby="qtip-1">[2]</a>}</span><span onclick=scrollToRef('scite-3') id="scite-ref-3-a" class="scite-citeref-number" data-reference="Symantec Dragonfly Sept 2017">^{<a href="https://docs.broadcom.com/doc/dragonfly_threat_against_western_energy_suppliers" target="_blank" data-hasqtip="2" aria-describedby="qtip-2">[3]</a>}</span></p> </div> </div> <div class="col-md-4"> <div class="card"> <div class="card-body"> <div id="card-id" class="row card-data"> <div class="col-md-1 px-0 text-center"></div> <div class="col-md-11 pl-0"> <span class="h5 card-title">ID:&nbsp;</span>S0093 </div> </div> <div class="row card-data"> <div class="col-md-1 px-0 text-center"> <span data-toggle="tooltip" data-placement="left" title="" data-test-ignore="true" data-original-title="Names that have overlapping reference to a software entry and may refer to the same or similar software in threat intelligence reporting">&#9432;</span> </div> <div class="col-md-11 pl-0"> <span class="h5 card-title">Associated Software</span>: Havex </div> </div> <div class="row card-data"> <div class="col-md-1 px-0 text-center"> <span data-toggle="tooltip" data-placement="left" title="" data-test-ignore="true" data-original-title="This software is commercial, custom closed source, or open source software intended to be used for malicious purposes by adversaries">&#9432;</span> </div> <div class="col-md-11 pl-0"> <span class="h5 card-title">Type</span>: MALWARE </div> </div> <div class="row card-data"> <div class="col-md-1 px-0 text-center"> <span data-toggle="tooltip" data-placement="left" title="" data-test-ignore="true" data-original-title="The system an adversary is operating within; could be an operating system or application">&#9432;</span> </div> <div class="col-md-11 pl-0"> <span class="h5 card-title">Platforms</span>: Windows </div> </div> <div class="row card-data"> <div class="col-md-1 px-0 text-center"></div> <div class="col-md-11 pl-0"> <span class="h5 card-title">Version</span>: 2.0 </div> </div> <div class="row card-data"> <div class="col-md-1 px-0 text-center"></div> <div class="col-md-11 pl-0"> <span class="h5 card-title">Created:&nbsp;</span>31 May 2017 </div> </div> <div class="row card-data"> <div class="col-md-1 px-0 text-center"></div> <div class="col-md-11 pl-0"> <span class="h5 card-title">Last Modified:&nbsp;</span>12 October 2022 </div> </div> </div> </div> <div class="text-center pt-2 version-button permalink"> <div class="live"> <a data-toggle="tooltip" data-placement="bottom" title="Permalink to this version of S0093" href="/versions/v13/software/S0093/" data-test-ignore="true">Version Permalink</a> </div> <div class="permalink"> <a data-toggle="tooltip" data-placement="bottom" title="Go to the live version of S0093" href="/software/S0093/" data-test-ignore="true">Live Version</a><!--do not change this line without also changing versions.py--> </div> </div> </div> </div> <!--stop-indexing-for-search--> <div class="dropdown h3 mt-3 float-right"> <button class="btn btn-navy dropdown-toggle" type="button" id="dropdownMenuButton" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false"> <b>ATT&amp;CK^&reg; Navigator Layers</b> </button> <div class="dropdown-menu" aria-labelledby="dropdownMenuButton"> <h6 class="dropdown-header">Enterprise Layer</h6> <a class="dropdown-item" href="/versions/v13/software/S0093/S0093-enterprise-layer.json" download target="_blank">download</a> <!-- only show view on navigator link if layer link is defined --> <a class="dropdown-item" href="#" id="view-layer-on-navigator-enterprise" target="_blank">view <img width="10" src="/versions/v13/theme/images/external-site-dark.jpeg"></a> <script src="/versions/v13/theme/scripts/settings.js"></script> <script> if (window.location.protocol == "https:") { //view on navigator only works when this site is hosted on HTTPS var layerURL = window.location.protocol + "//" + window.location.host + base_url + "software/S0093/S0093-enterprise-layer.json"; document.getElementById("view-layer-on-navigator-enterprise").href = "https://mitre-attack.github.io/attack-navigator//#layerURL=" + encodeURIComponent(layerURL); } else { //hide button document.getElementById("view-layer-on-navigator-enterprise").classList.add("d-none"); } </script> <div class="dropdown-divider"></div> <h6 class="dropdown-header">ICS Layer</h6> <a class="dropdown-item" href="/versions/v13/software/S0093/S0093-ics-layer.json" download target="_blank">download</a> <!-- only show view on navigator link if layer link is defined --> <a class="dropdown-item" href="#" id="view-layer-on-navigator-ics" target="_blank">view <img width="10" src="/versions/v13/theme/images/external-site-dark.jpeg"></a> <script src="/versions/v13/theme/scripts/settings.js"></script> <script> if (window.location.protocol == "https:") { //view on navigator only works when this site is hosted on HTTPS var layerURL = window.location.protocol + "//" + window.location.host + base_url + "software/S0093/S0093-ics-layer.json"; document.getElementById("view-layer-on-navigator-ics").href = "https://mitre-attack.github.io/attack-navigator//#layerURL=" + encodeURIComponent(layerURL); } else { //hide button document.getElementById("view-layer-on-navigator-ics").classList.add("d-none"); } </script> </div> </div> <!--start-indexing-for-search--> <h2 class="pt-3 mb-2" id="techniques">Techniques Used</h2> <table class="table techniques-used background table-bordered"> <thead> <tr> <th class="p-2" scope="col">Domain</th> <th class="p-2" colspan="2">ID</th> <th class="p-2" scope="col">Name</th> <th class="p-2" scope="col">Use</th> </tr> </thead> <tbody> <tr class="sub technique noparent enterprise" id="enterprise"> <td> Enterprise </td> <td> <a href="/versions/v13/techniques/T1087">T1087</a> </td> <td> <a href="/versions/v13/techniques/T1087/003">.003</a> </td> <td> <a href="/versions/v13/techniques/T1087">Account Discovery</a>: <a href="/versions/v13/techniques/T1087/003">Email Account</a> </td> <td> <p><a href="/versions/v13/software/S0093">Backdoor.Oldrea</a> collects address book information from Outlook.<span onclick=scrollToRef('scite-1') id="scite-ref-1-a" class="scite-citeref-number" data-reference="Symantec Dragonfly">^{<a href="https://community.broadcom.com/symantecenterprise/communities/community-home/librarydocuments/viewdocument?DocumentKey=7382dce7-0260-4782-84cc-890971ed3f17&CommunityKey=1ecf5f55-9545-44d6-b0f4-4e4a7f5f5e68&tab=librarydocuments" target="_blank" data-hasqtip="0" aria-describedby="qtip-0">[1]</a>}</span></p> </td> </tr> <tr class="technique enterprise" id="enterprise"> <td> Enterprise </td> <td colspan="2"> <a href="/versions/v13/techniques/T1560">T1560</a> </td> <td> <a href="/versions/v13/techniques/T1560">Archive Collected Data</a> </td> <td> <p><a href="/versions/v13/software/S0093">Backdoor.Oldrea</a> writes collected data to a temporary file in an encrypted form before exfiltration to a C2 server.<span onclick=scrollToRef('scite-1') id="scite-ref-1-a" class="scite-citeref-number" data-reference="Symantec Dragonfly">^{<a href="https://community.broadcom.com/symantecenterprise/communities/community-home/librarydocuments/viewdocument?DocumentKey=7382dce7-0260-4782-84cc-890971ed3f17&CommunityKey=1ecf5f55-9545-44d6-b0f4-4e4a7f5f5e68&tab=librarydocuments" target="_blank" data-hasqtip="0" aria-describedby="qtip-0">[1]</a>}</span></p> </td> </tr> <tr class="sub technique noparent enterprise" id="enterprise"> <td> Enterprise </td> <td> <a href="/versions/v13/techniques/T1547">T1547</a> </td> <td> <a href="/versions/v13/techniques/T1547/001">.001</a> </td> <td> <a href="/versions/v13/techniques/T1547">Boot or Logon Autostart Execution</a>: <a href="/versions/v13/techniques/T1547/001">Registry Run Keys / Startup Folder</a> </td> <td> <p><a href="/versions/v13/software/S0093">Backdoor.Oldrea</a> adds Registry Run keys to achieve persistence.<span onclick=scrollToRef('scite-1') id="scite-ref-1-a" class="scite-citeref-number" data-reference="Symantec Dragonfly">^{<a href="https://community.broadcom.com/symantecenterprise/communities/community-home/librarydocuments/viewdocument?DocumentKey=7382dce7-0260-4782-84cc-890971ed3f17&CommunityKey=1ecf5f55-9545-44d6-b0f4-4e4a7f5f5e68&tab=librarydocuments" target="_blank" data-hasqtip="0" aria-describedby="qtip-0">[1]</a>}</span><span onclick=scrollToRef('scite-2') id="scite-ref-2-a" class="scite-citeref-number" data-reference="Gigamon Berserk Bear October 2021">^{<a href="https://vblocalhost.com/uploads/VB2021-Slowik.pdf" target="_blank" data-hasqtip="1" aria-describedby="qtip-1">[2]</a>}</span></p> </td> </tr> <tr class="sub technique noparent enterprise" id="enterprise"> <td> Enterprise </td> <td> <a href="/versions/v13/techniques/T1555">T1555</a> </td> <td> <a href="/versions/v13/techniques/T1555/003">.003</a> </td> <td> <a href="/versions/v13/techniques/T1555">Credentials from Password Stores</a>: <a href="/versions/v13/techniques/T1555/003">Credentials from Web Browsers</a> </td> <td> <p>Some <a href="/versions/v13/software/S0093">Backdoor.Oldrea</a> samples contain a publicly available Web browser password recovery tool.<span onclick=scrollToRef('scite-1') id="scite-ref-1-a" class="scite-citeref-number" data-reference="Symantec Dragonfly">^{<a href="https://community.broadcom.com/symantecenterprise/communities/community-home/librarydocuments/viewdocument?DocumentKey=7382dce7-0260-4782-84cc-890971ed3f17&CommunityKey=1ecf5f55-9545-44d6-b0f4-4e4a7f5f5e68&tab=librarydocuments" target="_blank" data-hasqtip="0" aria-describedby="qtip-0">[1]</a>}</span></p> </td> </tr> <tr class="sub technique noparent enterprise" id="enterprise"> <td> Enterprise </td> <td> <a href="/versions/v13/techniques/T1132">T1132</a> </td> <td> <a href="/versions/v13/techniques/T1132/001">.001</a> </td> <td> <a href="/versions/v13/techniques/T1132">Data Encoding</a>: <a href="/versions/v13/techniques/T1132/001">Standard Encoding</a> </td> <td> <p>Some <a href="/versions/v13/software/S0093">Backdoor.Oldrea</a> samples use standard Base64 + bzip2, and some use standard Base64 + reverse XOR + RSA-2048 to decrypt data received from C2 servers.<span onclick=scrollToRef('scite-1') id="scite-ref-1-a" class="scite-citeref-number" data-reference="Symantec Dragonfly">^{<a href="https://community.broadcom.com/symantecenterprise/communities/community-home/librarydocuments/viewdocument?DocumentKey=7382dce7-0260-4782-84cc-890971ed3f17&CommunityKey=1ecf5f55-9545-44d6-b0f4-4e4a7f5f5e68&tab=librarydocuments" target="_blank" data-hasqtip="0" aria-describedby="qtip-0">[1]</a>}</span></p> </td> </tr> <tr class="technique enterprise" id="enterprise"> <td> Enterprise </td> <td colspan="2"> <a href="/versions/v13/techniques/T1083">T1083</a> </td> <td> <a href="/versions/v13/techniques/T1083">File and Directory Discovery</a> </td> <td> <p><a href="/versions/v13/software/S0093">Backdoor.Oldrea</a> collects information about available drives, default browser, desktop file list, My Documents, Internet history, program files, and root of available drives. It also searches for ICS-related software files.<span onclick=scrollToRef('scite-1') id="scite-ref-1-a" class="scite-citeref-number" data-reference="Symantec Dragonfly">^{<a href="https://community.broadcom.com/symantecenterprise/communities/community-home/librarydocuments/viewdocument?DocumentKey=7382dce7-0260-4782-84cc-890971ed3f17&CommunityKey=1ecf5f55-9545-44d6-b0f4-4e4a7f5f5e68&tab=librarydocuments" target="_blank" data-hasqtip="0" aria-describedby="qtip-0">[1]</a>}</span></p> </td> </tr> <tr class="sub technique noparent enterprise" id="enterprise"> <td> Enterprise </td> <td> <a href="/versions/v13/techniques/T1070">T1070</a> </td> <td> <a href="/versions/v13/techniques/T1070/004">.004</a> </td> <td> <a href="/versions/v13/techniques/T1070">Indicator Removal</a>: <a href="/versions/v13/techniques/T1070/004">File Deletion</a> </td> <td> <p><a href="/versions/v13/software/S0093">Backdoor.Oldrea</a> contains a cleanup module that removes traces of itself from the victim.<span onclick=scrollToRef('scite-1') id="scite-ref-1-a" class="scite-citeref-number" data-reference="Symantec Dragonfly">^{<a href="https://community.broadcom.com/symantecenterprise/communities/community-home/librarydocuments/viewdocument?DocumentKey=7382dce7-0260-4782-84cc-890971ed3f17&CommunityKey=1ecf5f55-9545-44d6-b0f4-4e4a7f5f5e68&tab=librarydocuments" target="_blank" data-hasqtip="0" aria-describedby="qtip-0">[1]</a>}</span></p> </td> </tr> <tr class="technique enterprise" id="enterprise"> <td> Enterprise </td> <td colspan="2"> <a href="/versions/v13/techniques/T1105">T1105</a> </td> <td> <a href="/versions/v13/techniques/T1105">Ingress Tool Transfer</a> </td> <td> <p><a href="/versions/v13/software/S0093">Backdoor.Oldrea</a> can download additional modules from C2.<span onclick=scrollToRef('scite-2') id="scite-ref-2-a" class="scite-citeref-number" data-reference="Gigamon Berserk Bear October 2021">^{<a href="https://vblocalhost.com/uploads/VB2021-Slowik.pdf" target="_blank" data-hasqtip="1" aria-describedby="qtip-1">[2]</a>}</span></p> </td> </tr> <tr class="technique enterprise" id="enterprise"> <td> Enterprise </td> <td colspan="2"> <a href="/versions/v13/techniques/T1046">T1046</a> </td> <td> <a href="/versions/v13/techniques/T1046">Network Service Discovery</a> </td> <td> <p><a href="/versions/v13/software/S0093">Backdoor.Oldrea</a> can use a network scanning module to identify ICS-related ports.<span onclick=scrollToRef('scite-2') id="scite-ref-2-a" class="scite-citeref-number" data-reference="Gigamon Berserk Bear October 2021">^{<a href="https://vblocalhost.com/uploads/VB2021-Slowik.pdf" target="_blank" data-hasqtip="1" aria-describedby="qtip-1">[2]</a>}</span></p> </td> </tr> <tr class="technique enterprise" id="enterprise"> <td> Enterprise </td> <td colspan="2"> <a href="/versions/v13/techniques/T1057">T1057</a> </td> <td> <a href="/versions/v13/techniques/T1057">Process Discovery</a> </td> <td> <p><a href="/versions/v13/software/S0093">Backdoor.Oldrea</a> collects information about running processes.<span onclick=scrollToRef('scite-1') id="scite-ref-1-a" class="scite-citeref-number" data-reference="Symantec Dragonfly">^{<a href="https://community.broadcom.com/symantecenterprise/communities/community-home/librarydocuments/viewdocument?DocumentKey=7382dce7-0260-4782-84cc-890971ed3f17&CommunityKey=1ecf5f55-9545-44d6-b0f4-4e4a7f5f5e68&tab=librarydocuments" target="_blank" data-hasqtip="0" aria-describedby="qtip-0">[1]</a>}</span></p> </td> </tr> <tr class="technique enterprise" id="enterprise"> <td> Enterprise </td> <td colspan="2"> <a href="/versions/v13/techniques/T1055">T1055</a> </td> <td> <a href="/versions/v13/techniques/T1055">Process Injection</a> </td> <td> <p><a href="/versions/v13/software/S0093">Backdoor.Oldrea</a> injects itself into explorer.exe.<span onclick=scrollToRef('scite-1') id="scite-ref-1-a" class="scite-citeref-number" data-reference="Symantec Dragonfly">^{<a href="https://community.broadcom.com/symantecenterprise/communities/community-home/librarydocuments/viewdocument?DocumentKey=7382dce7-0260-4782-84cc-890971ed3f17&CommunityKey=1ecf5f55-9545-44d6-b0f4-4e4a7f5f5e68&tab=librarydocuments" target="_blank" data-hasqtip="0" aria-describedby="qtip-0">[1]</a>}</span><span onclick=scrollToRef('scite-2') id="scite-ref-2-a" class="scite-citeref-number" data-reference="Gigamon Berserk Bear October 2021">^{<a href="https://vblocalhost.com/uploads/VB2021-Slowik.pdf" target="_blank" data-hasqtip="1" aria-describedby="qtip-1">[2]</a>}</span></p> </td> </tr> <tr class="technique enterprise" id="enterprise"> <td> Enterprise </td> <td colspan="2"> <a href="/versions/v13/techniques/T1018">T1018</a> </td> <td> <a href="/versions/v13/techniques/T1018">Remote System Discovery</a> </td> <td> <p><a href="/versions/v13/software/S0093">Backdoor.Oldrea</a> can enumerate and map ICS-specific systems in victim environments.<span onclick=scrollToRef('scite-2') id="scite-ref-2-a" class="scite-citeref-number" data-reference="Gigamon Berserk Bear October 2021">^{<a href="https://vblocalhost.com/uploads/VB2021-Slowik.pdf" target="_blank" data-hasqtip="1" aria-describedby="qtip-1">[2]</a>}</span></p> </td> </tr> <tr class="sub technique noparent enterprise" id="enterprise"> <td> Enterprise </td> <td> <a href="/versions/v13/techniques/T1218">T1218</a> </td> <td> <a href="/versions/v13/techniques/T1218/011">.011</a> </td> <td> <a href="/versions/v13/techniques/T1218">System Binary Proxy Execution</a>: <a href="/versions/v13/techniques/T1218/011">Rundll32</a> </td> <td> <p><a href="/versions/v13/software/S0093">Backdoor.Oldrea</a> can use rundll32 for execution on compromised hosts.<span onclick=scrollToRef('scite-2') id="scite-ref-2-a" class="scite-citeref-number" data-reference="Gigamon Berserk Bear October 2021">^{<a href="https://vblocalhost.com/uploads/VB2021-Slowik.pdf" target="_blank" data-hasqtip="1" aria-describedby="qtip-1">[2]</a>}</span></p> </td> </tr> <tr class="technique enterprise" id="enterprise"> <td> Enterprise </td> <td colspan="2"> <a href="/versions/v13/techniques/T1082">T1082</a> </td> <td> <a href="/versions/v13/techniques/T1082">System Information Discovery</a> </td> <td> <p><a href="/versions/v13/software/S0093">Backdoor.Oldrea</a> collects information about the OS and computer name.<span onclick=scrollToRef('scite-1') id="scite-ref-1-a" class="scite-citeref-number" data-reference="Symantec Dragonfly">^{<a href="https://community.broadcom.com/symantecenterprise/communities/community-home/librarydocuments/viewdocument?DocumentKey=7382dce7-0260-4782-84cc-890971ed3f17&CommunityKey=1ecf5f55-9545-44d6-b0f4-4e4a7f5f5e68&tab=librarydocuments" target="_blank" data-hasqtip="0" aria-describedby="qtip-0">[1]</a>}</span><span onclick=scrollToRef('scite-2') id="scite-ref-2-a" class="scite-citeref-number" data-reference="Gigamon Berserk Bear October 2021">^{<a href="https://vblocalhost.com/uploads/VB2021-Slowik.pdf" target="_blank" data-hasqtip="1" aria-describedby="qtip-1">[2]</a>}</span></p> </td> </tr> <tr class="technique enterprise" id="enterprise"> <td> Enterprise </td> <td colspan="2"> <a href="/versions/v13/techniques/T1016">T1016</a> </td> <td> <a href="/versions/v13/techniques/T1016">System Network Configuration Discovery</a> </td> <td> <p><a href="/versions/v13/software/S0093">Backdoor.Oldrea</a> collects information about the Internet adapter configuration.<span onclick=scrollToRef('scite-1') id="scite-ref-1-a" class="scite-citeref-number" data-reference="Symantec Dragonfly">^{<a href="https://community.broadcom.com/symantecenterprise/communities/community-home/librarydocuments/viewdocument?DocumentKey=7382dce7-0260-4782-84cc-890971ed3f17&CommunityKey=1ecf5f55-9545-44d6-b0f4-4e4a7f5f5e68&tab=librarydocuments" target="_blank" data-hasqtip="0" aria-describedby="qtip-0">[1]</a>}</span><span onclick=scrollToRef('scite-2') id="scite-ref-2-a" class="scite-citeref-number" data-reference="Gigamon Berserk Bear October 2021">^{<a href="https://vblocalhost.com/uploads/VB2021-Slowik.pdf" target="_blank" data-hasqtip="1" aria-describedby="qtip-1">[2]</a>}</span></p> </td> </tr> <tr class="technique enterprise" id="enterprise"> <td> Enterprise </td> <td colspan="2"> <a href="/versions/v13/techniques/T1033">T1033</a> </td> <td> <a href="/versions/v13/techniques/T1033">System Owner/User Discovery</a> </td> <td> <p><a href="/versions/v13/software/S0093">Backdoor.Oldrea</a> collects the current username from the victim.<span onclick=scrollToRef('scite-1') id="scite-ref-1-a" class="scite-citeref-number" data-reference="Symantec Dragonfly">^{<a href="https://community.broadcom.com/symantecenterprise/communities/community-home/librarydocuments/viewdocument?DocumentKey=7382dce7-0260-4782-84cc-890971ed3f17&CommunityKey=1ecf5f55-9545-44d6-b0f4-4e4a7f5f5e68&tab=librarydocuments" target="_blank" data-hasqtip="0" aria-describedby="qtip-0">[1]</a>}</span></p> </td> </tr> <tr class="technique ics" id="ics"> <td> ICS </td> <td colspan="2"> <a href="/versions/v13/techniques/T0802">T0802</a> </td> <td> <a href="/versions/v13/techniques/T0802">Automated Collection</a> </td> <td> <p>Using OPC, a component of <a href="/versions/v13/software/S0093">Backdoor.Oldrea</a> gathers any details about connected devices and sends them back to the C2 for the attackers to analyze. <span onclick=scrollToRef('scite-4') id="scite-ref-4-a" class="scite-citeref-number" data-reference="Daavid Hentunen, Antti Tikkanen June 2014">^{<a href="https://www.f-secure.com/weblog/archives/00002718.html" target="_blank" data-hasqtip="3" aria-describedby="qtip-3">[4]</a>}</span></p> </td> </tr> <tr class="technique ics" id="ics"> <td> ICS </td> <td colspan="2"> <a href="/versions/v13/techniques/T0814">T0814</a> </td> <td> <a href="/versions/v13/techniques/T0814">Denial of Service</a> </td> <td> <p>The <a href="/versions/v13/software/S0093">Backdoor.Oldrea</a> payload has caused multiple common OPC platforms to intermittently crash. This could cause a denial of service effect on applications reliant on OPC communications. <span onclick=scrollToRef('scite-5') id="scite-ref-5-a" class="scite-citeref-number" data-reference="ICS-CERT August 2018">^{<a href="https://ics-cert.us-cert.gov/advisories/ICSA-14-178-01" target="_blank" data-hasqtip="4" aria-describedby="qtip-4">[5]</a>}</span></p> </td> </tr> <tr class="technique ics" id="ics"> <td> ICS </td> <td colspan="2"> <a href="/versions/v13/techniques/T0861">T0861</a> </td> <td> <a href="/versions/v13/techniques/T0861">Point & Tag Identification</a> </td> <td> <p>The <a href="/versions/v13/software/S0093">Backdoor.Oldrea</a> payload has the capability of enumerating OPC tags, in addition to more generic OPC server information. The server data and tag names can provide information about the names and function of control devices. <span onclick=scrollToRef('scite-5') id="scite-ref-5-a" class="scite-citeref-number" data-reference="ICS-CERT August 2018">^{<a href="https://ics-cert.us-cert.gov/advisories/ICSA-14-178-01" target="_blank" data-hasqtip="4" aria-describedby="qtip-4">[5]</a>}</span> <span onclick=scrollToRef('scite-4') id="scite-ref-4-a" class="scite-citeref-number" data-reference="Daavid Hentunen, Antti Tikkanen June 2014">^{<a href="https://www.f-secure.com/weblog/archives/00002718.html" target="_blank" data-hasqtip="3" aria-describedby="qtip-3">[4]</a>}</span></p> </td> </tr> <tr class="technique ics" id="ics"> <td> ICS </td> <td colspan="2"> <a href="/versions/v13/techniques/T0846">T0846</a> </td> <td> <a href="/versions/v13/techniques/T0846">Remote System Discovery</a> </td> <td> <p>The <a href="/versions/v13/software/S0093">Backdoor.Oldrea</a> ICS malware plugin relies on Windows networking (WNet) to discover all the servers, including OPC servers, that are reachable by the compromised machine over the network. <span onclick=scrollToRef('scite-6') id="scite-ref-6-a" class="scite-citeref-number" data-reference="Julian Rrushi, Hassan Farhangi, Clay Howey, Kelly Carmichael, Joey Dabell December 2015">^{<a href="https://pdfs.semanticscholar.org/18df/43ef1690b0fae15a36f770001160aefbc6c5.pdf" target="_blank" data-hasqtip="5" aria-describedby="qtip-5">[6]</a>}</span></p> </td> </tr> <tr class="technique ics" id="ics"> <td> ICS </td> <td colspan="2"> <a href="/versions/v13/techniques/T0888">T0888</a> </td> <td> <a href="/versions/v13/techniques/T0888">Remote System Information Discovery</a> </td> <td> <p>The <a href="/versions/v13/software/S0093">Backdoor.Oldrea</a> payload gathers server information that includes CLSID, server name, Program ID, OPC version, vendor information, running state, group count, and server bandwidth. This information helps indicate the role the server has in the control process. <span onclick=scrollToRef('scite-5') id="scite-ref-5-a" class="scite-citeref-number" data-reference="ICS-CERT August 2018">^{<a href="https://ics-cert.us-cert.gov/advisories/ICSA-14-178-01" target="_blank" data-hasqtip="4" aria-describedby="qtip-4">[5]</a>}</span> <span onclick=scrollToRef('scite-4') id="scite-ref-4-a" class="scite-citeref-number" data-reference="Daavid Hentunen, Antti Tikkanen June 2014">^{<a href="https://www.f-secure.com/weblog/archives/00002718.html" target="_blank" data-hasqtip="3" aria-describedby="qtip-3">[4]</a>}</span></p> </td> </tr> <tr class="technique ics" id="ics"> <td> ICS </td> <td colspan="2"> <a href="/versions/v13/techniques/T0865">T0865</a> </td> <td> <a href="/versions/v13/techniques/T0865">Spearphishing Attachment</a> </td> <td> <p>The <a href="/versions/v13/software/S0093">Backdoor.Oldrea</a> RAT is distributed through a trojanized installer attached to emails. <span onclick=scrollToRef('scite-4') id="scite-ref-4-a" class="scite-citeref-number" data-reference="Daavid Hentunen, Antti Tikkanen June 2014">^{<a href="https://www.f-secure.com/weblog/archives/00002718.html" target="_blank" data-hasqtip="3" aria-describedby="qtip-3">[4]</a>}</span></p> </td> </tr> <tr class="technique ics" id="ics"> <td> ICS </td> <td colspan="2"> <a href="/versions/v13/techniques/T0862">T0862</a> </td> <td> <a href="/versions/v13/techniques/T0862">Supply Chain Compromise</a> </td> <td> <p>The <a href="/versions/v13/software/S0093">Backdoor.Oldrea</a> RAT is distributed through trojanized installers planted on compromised vendor sites. <span onclick=scrollToRef('scite-4') id="scite-ref-4-a" class="scite-citeref-number" data-reference="Daavid Hentunen, Antti Tikkanen June 2014">^{<a href="https://www.f-secure.com/weblog/archives/00002718.html" target="_blank" data-hasqtip="3" aria-describedby="qtip-3">[4]</a>}</span></p> </td> </tr> <tr class="technique ics" id="ics"> <td> ICS </td> <td colspan="2"> <a href="/versions/v13/techniques/T0863">T0863</a> </td> <td> <a href="/versions/v13/techniques/T0863">User Execution</a> </td> <td> <p>Execution of <a href="/versions/v13/software/S0093">Backdoor.Oldrea</a> relies on a user opening a trojanized installer attached to an email. <span onclick=scrollToRef('scite-4') id="scite-ref-4-a" class="scite-citeref-number" data-reference="Daavid Hentunen, Antti Tikkanen June 2014">^{<a href="https://www.f-secure.com/weblog/archives/00002718.html" target="_blank" data-hasqtip="3" aria-describedby="qtip-3">[4]</a>}</span> <span onclick=scrollToRef('scite-7') id="scite-ref-7-a" class="scite-citeref-number" data-reference="Kyle Wilhoit">^{<a href="https://www.youtube.com/watch?v=eywmb7UDODY&feature=youtu.be&t=939" target="_blank" data-hasqtip="6" aria-describedby="qtip-6">[7]</a>}</span></p> </td> </tr> </tbody> </table> <h2 class="pt-3" id="groups">Groups That Use This Software</h2> <table class="table table-bordered table-alternate mt-2"> <thead> <tr> <th scope="col">ID</th> <th scope="col" width="20%">Name</th> <th scope="col">References</th> </tr> </thead> <tbody> <tr> <td> <a href="/versions/v13/groups/G0035">G0035</a> </td> <td> <a href="/versions/v13/groups/G0035">Dragonfly</a> </td> <td> <p><span onclick=scrollToRef('scite-1') id="scite-ref-1-a" class="scite-citeref-number" data-reference="Symantec Dragonfly">^{<a href="https://community.broadcom.com/symantecenterprise/communities/community-home/librarydocuments/viewdocument?DocumentKey=7382dce7-0260-4782-84cc-890971ed3f17&CommunityKey=1ecf5f55-9545-44d6-b0f4-4e4a7f5f5e68&tab=librarydocuments" target="_blank" data-hasqtip="0" aria-describedby="qtip-0">[1]</a>}</span><span onclick=scrollToRef('scite-2') id="scite-ref-2-a" class="scite-citeref-number" data-reference="Gigamon Berserk Bear October 2021">^{<a href="https://vblocalhost.com/uploads/VB2021-Slowik.pdf" target="_blank" data-hasqtip="1" aria-describedby="qtip-1">[2]</a>}</span></p> </td> </tr> </tbody> </table> <h2 class="pt-3" id="references">References</h2> <div class="row"> <div class="col"> <ol> <li> <span id="scite-1" class="scite-citation"> <span class="scite-citation-text"> <a rel="nofollow" class="external text" name="scite-1" href="https://community.broadcom.com/symantecenterprise/communities/community-home/librarydocuments/viewdocument?DocumentKey=7382dce7-0260-4782-84cc-890971ed3f17&CommunityKey=1ecf5f55-9545-44d6-b0f4-4e4a7f5f5e68&tab=librarydocuments" target="_blank"> Symantec Security Response. (2014, June 30). Dragonfly: Cyberespionage Attacks Against Energy Suppliers. Retrieved April 8, 2016. </a> </span> </span> </li> <li> <span id="scite-2" class="scite-citation"> <span class="scite-citation-text"> <a rel="nofollow" class="external text" name="scite-2" href="https://vblocalhost.com/uploads/VB2021-Slowik.pdf" target="_blank"> Slowik, J. (2021, October). THE BAFFLING BERSERK BEAR: A DECADE鈥橲 ACTIVITY TARGETING CRITICAL INFRASTRUCTURE. Retrieved December 6, 2021. </a> </span> </span> </li> <li> <span id="scite-3" class="scite-citation"> <span class="scite-citation-text"> <a rel="nofollow" class="external text" name="scite-3" href="https://docs.broadcom.com/doc/dragonfly_threat_against_western_energy_suppliers" target="_blank"> Symantec Security Response. (2014, July 7). Dragonfly: Western energy sector targeted by sophisticated attack group. Retrieved September 9, 2017. </a> </span> </span> </li> <li> <span id="scite-4" class="scite-citation"> <span class="scite-citation-text"> <a rel="nofollow" class="external text" name="scite-4" href="https://www.f-secure.com/weblog/archives/00002718.html" target="_blank"> Daavid Hentunen, Antti Tikkanen 2014, June 23 Havex Hunts For ICS/SCADA Systems Retrieved. 2019/04/01 </a> </span> </span> </li> </ol> </div> <div class="col"> <ol start="5.0"> <li> <span id="scite-5" class="scite-citation"> <span class="scite-citation-text"> <a rel="nofollow" class="external text" name="scite-5" href="https://ics-cert.us-cert.gov/advisories/ICSA-14-178-01" target="_blank"> ICS-CERT 2018, August 22 Advisory (ICSA-14-178-01) Retrieved. 2019/04/01 </a> </span> </span> </li> <li> <span id="scite-6" class="scite-citation"> <span class="scite-citation-text"> <a rel="nofollow" class="external text" name="scite-6" href="https://pdfs.semanticscholar.org/18df/43ef1690b0fae15a36f770001160aefbc6c5.pdf" target="_blank"> Julian Rrushi, Hassan Farhangi, Clay Howey, Kelly Carmichael, Joey Dabell 2015, December 08 A Quantitative Evaluation of the Target Selection of Havex ICS Malware Plugin Retrieved. 2019/04/01 </a> </span> </span> </li> <li> <span id="scite-7" class="scite-citation"> <span class="scite-citation-text"> <a rel="nofollow" class="external text" name="scite-7" href="https://www.youtube.com/watch?v=eywmb7UDODY&feature=youtu.be&t=939" target="_blank"> Kyle Wilhoit Daavid Hentunen, Antti Tikkanen 2014, June 23 Havex Hunts For ICS/SCADA Systems Retrieved. 2019/04/01 ICS Malware: Havex and Black Energy Retrieved. 2019/10/22 </a> </span> </span> </li> </ol> </div> </div> </div> </div> </div> </div> </div> </div> <!--stop-indexing-for-search--> <!-- search overlay for entire page -- not displayed inline --> <div class="overlay search" id="search-overlay" style="display: none;"> <div class="overlay-inner"> <!-- text input for searching --> <div class="search-header"> <div class="search-input"> <input type="text" id="search-input" placeholder="search"> </div> <div class="search-icons"> <div class="search-parsing-icon spinner-border" style="display: none" id="search-parsing-icon"></div> <div class="close-search-icon" id="close-search-icon">&times;</div> </div> </div> <!-- results and controls for loading more results --> <div id="search-body" class="search-body"> <div class="results" id="search-results"> <!-- content will be appended here on search --> </div> <div id="load-more-results" class="load-more-results"> <button class="btn btn-default" id="load-more-results-button">load more results</button> </div> </div> </div> </div> </div> <div class="row flex-grow-0 flex-shrink-1"> <!-- footer elements --> <footer class="col footer p-3"> <div class="container-fluid"> <div class="row"> <div class="col-4 col-sm-4 col-md-3"> <div class="footer-center-responsive my-auto"> <a href="https://www.mitre.org" target="_blank" rel="noopener" aria-label="MITRE"> <img src="/versions/v13/theme/images/mitrelogowhiteontrans.gif" class="mitre-logo-wtrans"> </a> </div> </div> <div class="col-2 col-sm-2 footer-responsive-break"></div> <div class="col-6 col-sm-6 text-center"> <p> 漏 2015-2023, The MITRE Corporation. MITRE ATT&CK and ATT&CK are registered trademarks of The MITRE Corporation. </p> <div class="row"> <div class="col text-right"> <small> <a href="/versions/v13/resources/privacy" class="footer-link">Privacy Policy</a> </small> </div> <div class="col text-center"> <small> <a href="/versions/v13/resources/terms-of-use" class="footer-link">Terms of Use</a> </small> </div> <div class="col text-left "> <small> <a href="/versions/v13/resources/changelog.html" class="footer-link" data-toggle="tooltip" data-placement="top" data-html="true" title="ATT&amp;CK content v13.1&#013;Website v4.0.5">ATT&CK v13.1</a> </small> </div> </div> </div> <div class="w-100 p-2 footer-responsive-break"></div> <div class="col"> <div class="footer-float-right-responsive-brand"> <div class="mb-1"> <a href="https://twitter.com/MITREattack" class="btn btn-primary w-100"> <!-- <i class="fa fa-twitter"></i> --> <img src="/versions/v13/theme/images/twitter.png" class="mr-1 twitter-icon"> <b>@MITREattack</b> </a> </div> <div class=""> <a href="/versions/v13/contact" class="btn btn-primary w-100"> Contact </a> </div> </div> </div> </div> </div> </div> </footer> </div> </div> <!--stopindex--> </div> <!--SCRIPTS--> <script src="/versions/v13/theme/scripts/jquery-3.5.1.min.js"></script> <script src="/versions/v13/theme/scripts/popper.min.js"></script> <script src="/versions/v13/theme/scripts/bootstrap-select.min.js"></script> <script src="/versions/v13/theme/scripts/bootstrap.bundle.min.js"></script> <script src="/versions/v13/theme/scripts/site.js?4796"></script> <script src="/versions/v13/theme/scripts/settings.js?1751"></script> <script src="/versions/v13/theme/scripts/search_bundle.js"></script> <script src="/versions/v13/theme/scripts/resizer.js"></script> <!--SCRIPTS--> <script src="/versions/v13/theme/scripts/navigation.js"></script> <script src="/versions/v13/theme/scripts/bootstrap-tourist.js"></script> <script src="/versions/v13/theme/scripts/settings.js"></script> <script src="/versions/v13/theme/scripts/tour/tour-relationships.js"></script> </body> </html>