ETDA สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์
Electronic Transactions Development Agency
Report
Search
Home > List all groups > List all tools > List all groups using tool Nautilus

Threat Group Cards: A Threat Actor Encyclopedia

Permanent link Tool: Nautilus

NamesNautilus
CategoryMalware
TypeBackdoor
DescriptionNautilus is very similar to Neuron both in the targeting of mail servers and how client communications are performed. This malware is referred to as Nautilus due to its embedded internal DLL name “nautilus-service.dll”, again sharing some resemblance to Neuron. The Nautilus service listens for HTTP requests from clients to process tasking requests such as executing commands, deleting files and writing files to disk.
Information<https://threatpost.com/turla-compromises-iranian-apt/149375/>
Malpedia<https://malpedia.caad.fkie.fraunhofer.de/details/win.nautilus>

Last change to this tool card: 23 April 2020

Download this tool card in JSON format

All groups using tool Nautilus

ChangedNameCountryObserved

APT groups

 OilRig, APT 34, Helix Kitten, ChryseneIran2014-Sep 2024 HOTX
 Turla, Waterbug, Venomous BearRussia1996-Dec 2023 

2 groups listed (2 APT, 0 other, 0 unknown)

Digital Service Security Center
Electronic Transactions Development Agency

Follow us on

Facebook Twitter

Report incidents

Telephone +66 (0)2-123-1227
E-mail [email protected]