 |
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ Electronic Transactions Development Agency |
|
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ Electronic Transactions Development Agency |
Tool: Sisfader| Names | Sisfader Sisfader RAT | |
| Category | Malware | |
| Type | Backdoor, Info stealer | |
| Description | (NCC Group) The payload installed by the WLL file is not a common RAT. We believe it to be either new or custom. Context Information Security, one of the other industry partners on the UK Cyber Incident Response scheme, has named this RAT Sisfader. We have adopted this name for consistency. It maintains persistence installing itself as a system service and has multiple components. | |
| Information | <https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/june/cve-2017-8570-rtf-and-the-sisfader-rat/> <https://medium.com/@Sebdraven/gobelin-panda-against-the-bears-1f462d00e3a4> | |
| Malpedia | <https://malpedia.caad.fkie.fraunhofer.de/details/win.sisfader> | |
| AlienVault OTX | <https://otx.alienvault.com/browse/pulses?q=tag:Sisfader> | |
Last change to this tool card: 14 May 2020
Download this tool card in JSON format
| Changed | Name | Country | Observed | ||
APT groups | |||||
| Goblin Panda, Cycldek, Conimes |  | 2013-Jun 2020 | |||
| Naikon, Lotus Panda | | 2010-Apr 2022 | |||
2 groups listed (2 APT, 0 other, 0 unknown)
|
Digital Service Security Center Follow us on
|
Report incidents |
|
 |
+66 (0)2-123-1227 | |
 |
[email protected] | |