 |
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ Electronic Transactions Development Agency |
|
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ Electronic Transactions Development Agency |
Tool: CHAIRSMACK| Names | CHAIRSMACK | |
| Category | Malware | |
| Type | Backdoor | |
| Description | (Mandiant) CHAIRSMACK is a backdoor written in C++ that communicates using HTTP. CHAIRSMACK's core functionality involves expanding its capabilities by retrieving plugins from a C2 server. Downloaded plugins are cached on disk for future use. Capabilities added via plugins are inferred based on supported backdoor command names. These capabilities include shell command execution, screenshot capture, audio capture, keylogging, file transfer, and file execution. | |
| Information | <https://www.mandiant.com/media/17826> | |
| Malpedia | <https://malpedia.caad.fkie.fraunhofer.de/details/win.chairsmack> | |
Last change to this tool card: 27 December 2022
Download this tool card in JSON format
Previous: CHAINSHOT
Next: CHAVECLOAK
| Changed | Name | Country | Observed | ||
APT groups | |||||
 | APT 42 |  | 2015-Feb 2024 | ||
1 group listed (1 APT, 0 other, 0 unknown)
|
Digital Service Security Center Follow us on
|
Report incidents |
|
 |
+66 (0)2-123-1227 | |
 |
[email protected] | |