 |
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ Electronic Transactions Development Agency |
|
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ Electronic Transactions Development Agency |
Tool: KANDYKORN| Names | KANDYKORN | |
| Category | Malware | |
| Type | Backdoor, Exfiltration | |
| Description | (Elastic) KANDYKORN is the final stage of this execution chain and possesses a full-featured set of capabilities to access and exfiltrate data from the victim’s computer. Elastic Security Labs was able to retrieve this payload from one C2 server which hadn’t been deactivated yet. | |
| Information | <https://www.elastic.co/security-labs/elastic-catches-dprk-passing-out-kandykorn> | |
| Malpedia | <https://malpedia.caad.fkie.fraunhofer.de/details/osx.kandykorn> | |
Last change to this tool card: 17 January 2024
Download this tool card in JSON format
| Changed | Name | Country | Observed | ||
APT groups | |||||
 | Lazarus Group, Hidden Cobra, Labyrinth Chollima |  | 2007-Feb 2024  |  | |
1 group listed (1 APT, 0 other, 0 unknown)
|
Digital Service Security Center Follow us on
|
Report incidents |
|
 |
+66 (0)2-123-1227 | |
 |
[email protected] | |