Home > List all groups > List all tools > List all groups using tool Crowdoor

Threat Group Cards: A Threat Actor Encyclopedia

Names	Crowdoor
Category	Malware
Type	Backdoor
Description	(Trend Micro) The new backdoor variant, Crowdoor, has been observed to interact with the Cobalt Strike installation, in keeping with Earth Estries’ tools, tactics, and procedures (TTPs) of cleaning up and reinstalling tools. Both instances of Crowdoor and the reinstalled Cobalt Strike were brought in as CAB files by preceding instances.
Information	<https://www.trendmicro.com/en_us/research/24/k/breaking-down-earth-estries-persistent-ttps-in-prolonged-cyber-o.html>

Last change to this tool card: 26 December 2024

Download this tool card in JSON format

1 group listed (1 APT, 0 other, 0 unknown)

APT groups