 |
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ Electronic Transactions Development Agency |
|
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ Electronic Transactions Development Agency |
Tool: FunnySwitch| Names | FunnySwitch RouterGod | |
| Category | Malware | |
| Type | Loader, Backdoor | |
| Description | (Trend Micro) FunnySwitch is a .NET Framework backdoor that usually starts with the “MITRE – Hijack Execution Flow: DLL Search Order Hijacking” technique and executes inside a legal process that was mentioned and analyzed by Positive Technologies in 2020. | |
| Information | <https://www.trendmicro.com/content/dam/trendmicro/global/en/research/22/a/earth-lusca-employs-sophisticated-infrastructure-varied-tools-and-techniques/technical-brief-delving-deep-an-analysis-of-earth-lusca-operations.pdf> <https://www.ptsecurity.com/ww-en/analytics/pt-esc-threat-intelligence/higaisa-or-winnti-apt-41-backdoors-old-and-new/> | |
| Malpedia | <https://malpedia.caad.fkie.fraunhofer.de/details/win.funnyswitch> | |
Last change to this tool card: 27 December 2022
Download this tool card in JSON format
| Changed | Name | Country | Observed | ||
APT groups | |||||
| APT 41 |  | 2012-Jul 2025 |  | ||
| Earth Lusca | | 2019-Sep 2024 | |||
| RedHotel, TAG-22 | | 2021-2022 | |||
| Winnti Group, Wicked Panda | | 2010-Mar 2021 | |||
4 groups listed (4 APT, 0 other, 0 unknown)
|
Digital Service Security Center Follow us on
|
Report incidents |
|
 |
+66 (0)2-123-1227 | |
 |
[email protected] | |