Names | SessionManager | |
Category | Malware | |
Type | Backdoor | |
Description | (Palo Alto) SessionManager is a unique custom backdoor that allows its operators to run commands, as well as uploading files to and downloading them from the web server. This threat also allows attackers to use the web server as a proxy to communicate with additional systems on the network. | |
Information | <https://unit42.paloaltonetworks.com/rare-possible-gelsemium-attack-targets-se-asia/> <https://securelist.com/the-sessionmanager-iis-backdoor/106868/> | |
Malpedia | <https://malpedia.caad.fkie.fraunhofer.de/details/win.session_manager> |
Last change to this tool card: 13 October 2023
Download this tool card in JSON format
Previous: SessionGopher
Next: ShadowHammer
Changed | Name | Country | Observed | ||
APT groups | |||||
Gelsemium | 2014-Mid 2022 |
1 group listed (1 APT, 0 other, 0 unknown)
Digital Service Security Center Follow us on |
Report incidents |
|
+66 (0)2-123-1227 | ||
[email protected] |