 |
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ Electronic Transactions Development Agency |
|
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ Electronic Transactions Development Agency |
Tool: YamaBot| Names | YamaBot Kaos | |
| Category | Malware | |
| Type | Backdoor | |
| Description | (JPCERT/CC) YamaBot malware communicates with C2 servers using HTTP requests. The following is a list of function names included in the sample that targets Windows OS. It is the attacker that named the malware as Yamabot. Those targeting Windows OS have functions specific to it, such as creating and checking Mutex. | |
| Information | <https://blogs.jpcert.or.jp/en/2022/07/yamabot.html> | |
| Malpedia | <https://malpedia.caad.fkie.fraunhofer.de/details/win.yamabot> | |
Last change to this tool card: 28 December 2022
Download this tool card in JSON format
Previous: Yahoyah
Next: Yispecter
| Changed | Name | Country | Observed | ||
APT groups | |||||
| Lazarus Group, Hidden Cobra, Labyrinth Chollima |  | 2007-Feb 2024  |  | ||
1 group listed (1 APT, 0 other, 0 unknown)
|
Digital Service Security Center Follow us on
|
Report incidents |
|
 |
+66 (0)2-123-1227 | |
 |
[email protected] | |