ETDA สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์
Electronic Transactions Development Agency
Report
Search
Home > List all groups > List all tools > List all groups using tool Seasalt

Threat Group Cards: A Threat Actor Encyclopedia

Permanent link Tool: Seasalt

NamesSeasalt
CategoryMalware
TypeReconnaissance, Backdoor, Info stealer, Exfiltration
DescriptionThe SEASALT malware family communicates via a custom binary protocol. It is capable of gathering some basic system information, file system manipulation, file upload and download, process creation and termination, and spawning an interactive reverse shell. The malware maintains persistence by installing itself as a service.
Information<https://www.mcafee.com/enterprise/en-us/assets/reports/rp-operation-oceansalt.pdf>
<http://contagiodump.blogspot.com/2013/03/mandiant-apt1-samples-categorized-by.html>
MITRE ATT&CK<https://attack.mitre.org/software/S0345/>
Malpedia<https://malpedia.caad.fkie.fraunhofer.de/details/win.seasalt>
AlienVault OTX<https://otx.alienvault.com/browse/pulses?q=tag:seasalt>

Last change to this tool card: 23 April 2020

Download this tool card in JSON format

Previous: SeaDuke
Next: SEAWEED

All groups using tool Seasalt

ChangedNameCountryObserved

APT groups

 Comment Crew, APT 1China2006-May 2018X

1 group listed (1 APT, 0 other, 0 unknown)

Digital Service Security Center
Electronic Transactions Development Agency

Follow us on

Facebook Twitter

Report incidents

Telephone +66 (0)2-123-1227
E-mail [email protected]