ETDA สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์
Electronic Transactions Development Agency
Report
Search
Home > List all groups > List all tools > List all groups using tool HiKit

Threat Group Cards: A Threat Actor Encyclopedia

Permanent link Tool: HiKit

NamesHiKit
CategoryMalware
TypeBackdoor, Tunneling
Description(Novetta) Hikit consists of at least two generations of malware that provides basic RAT functionality. The first generation of Hikit (referred to as “Gen 1”) operates as a server and requires an externally exposed network interface in order for an attacker to access the victim machine. The second generation of Hikit (referred to as “Gen 2”) uses the more traditional client model and beacons out to an attacker’s C2 server. While the communication models shifted dramatically between Gen 1 and Gen 2, both generations of Hikit retain the same basic RAT function consisting of remote command shell, file management, network proxy and port forwarding.
Information<https://www.novetta.com/wp-content/uploads/2014/11/HiKit.pdf>
<https://www.recordedfuture.com/hidden-lynx-analysis/>
MITRE ATT&CK<https://attack.mitre.org/software/S0009/>
Malpedia<https://malpedia.caad.fkie.fraunhofer.de/details/win.hikit>
AlienVault OTX<https://otx.alienvault.com/browse/pulses?q=tag:hikit>

Last change to this tool card: 13 May 2020

Download this tool card in JSON format

All groups using tool HiKit

ChangedNameCountryObserved

APT groups

 APT 17, Deputy Dog, Elderwood, Sneaky PandaChina2009-Sep 2017 
XAPT 31, Judgment Panda, ZirconiumChina2016-Feb 2022 
 Axiom, Group 72China2008-2008/2014 
 Hidden Lynx, Aurora PandaChina2009-2014X

4 groups listed (4 APT, 0 other, 0 unknown)

Digital Service Security Center
Electronic Transactions Development Agency

Follow us on

Facebook Twitter

Report incidents

Telephone +66 (0)2-123-1227
E-mail [email protected]