Gendwnurl Backdoor
概要
This threat can download other malware and unwanted software onto your PC.
We have seen this threat connect to a remote host, including:
pic-save.pw using port 80
Malware can connect to a remote host to do any of the following:
Check for an Internet connection
Download and run files (including updates or other malware)
Report a new infection to its author
Receive configuration or other data
Receive instructions from a malicious hacker
Search for your PC location
Upload information taken from your PC
Validate a digital certificate
We have seen this threat access online content, including:
JDUDUIFIB.exe
Created: 2026-02-23
Indicators
類似Pulses
このPulseに関連する脅威アクター (事実ベース)
Score: 4.54
Matched TTPs:
- T1055.003 - Thread Execution Hijacking
MITREへのリンク →
Score: 5.93
Matched TTPs:
- T1518.002 - Backup Software Discovery
- T1597 - Search Closed Sources
MITREへのリンク →
Score: 13.06
Matched TTPs:
- T1518.002 - Backup Software Discovery
- T1598.004 - Spearphishing Voice
- T1027.014 - Polymorphic Code
- T1622 - Debugger Evasion
MITREへのリンク →
Score: 12.23
Matched TTPs:
- T1592.004 - Client Configurations
- T1138 - Application Shimming
- T1218.009 - Regsvcs/Regasm
MITREへのリンク →
Score: 9.34
Matched TTPs:
- T1592.004 - Client Configurations
- T1027.014 - Polymorphic Code
- T1556 - Modify Authentication Process
MITREへのリンク →
Score: 5.64
Matched TTPs:
- T1592.004 - Client Configurations
- T1597 - Search Closed Sources
MITREへのリンク →
Score: 5.64
Matched TTPs:
- T1138 - Application Shimming
- T1597 - Search Closed Sources
MITREへのリンク →
Score: 5.64
Matched TTPs:
- T1138 - Application Shimming
- T1597 - Search Closed Sources
MITREへのリンク →
Score: 3.44
Matched TTPs:
- T1597 - Search Closed Sources
- T1622 - Debugger Evasion
MITREへのリンク →
Score: 4.95
Matched TTPs:
- T1597 - Search Closed Sources
- T1546.017 - Udev Rules
MITREへのリンク →
Score: 7.98
Matched TTPs:
- T1597 - Search Closed Sources
- T1622 - Debugger Evasion
- T1094 - Custom Command and Control Protocol
MITREへのリンク →
Score: 5.93
Matched TTPs:
- T1597 - Search Closed Sources
- T1566.003 - Spearphishing via Service
MITREへのリンク →
Score: 3.44
Matched TTPs:
- T1597 - Search Closed Sources
- T1622 - Debugger Evasion
MITREへのリンク →
Score: 4.54
Matched TTPs:
- T1597 - Search Closed Sources
- T1556 - Modify Authentication Process
MITREへのリンク →
Score: 3.44
Matched TTPs:
- T1597 - Search Closed Sources
- T1622 - Debugger Evasion
MITREへのリンク →
Score: 3.44
Matched TTPs:
- T1597 - Search Closed Sources
- T1622 - Debugger Evasion
MITREへのリンク →
Score: 6.19
Matched TTPs:
- T1597 - Search Closed Sources
- T1622 - Debugger Evasion
- T1556 - Modify Authentication Process
MITREへのリンク →
Score: 4.95
Matched TTPs:
- T1597 - Search Closed Sources
- T1546.017 - Udev Rules
MITREへのリンク →
Score: 3.44
Matched TTPs:
- T1597 - Search Closed Sources
- T1622 - Debugger Evasion
MITREへのリンク →
Score: 3.44
Matched TTPs:
- T1597 - Search Closed Sources
- T1622 - Debugger Evasion
MITREへのリンク →
Score: 3.44
Matched TTPs:
- T1597 - Search Closed Sources
- T1622 - Debugger Evasion
MITREへのリンク →
Score: 10.32
Matched TTPs:
- T1597 - Search Closed Sources
- T1055.005 - Thread Local Storage
- T1622 - Debugger Evasion
- T1556 - Modify Authentication Process
MITREへのリンク →
Score: 3.44
Matched TTPs:
- T1597 - Search Closed Sources
- T1622 - Debugger Evasion
MITREへのリンク →
Score: 6.19
Matched TTPs:
- T1597 - Search Closed Sources
- T1027.014 - Polymorphic Code
- T1622 - Debugger Evasion
MITREへのリンク →
Score: 6.19
Matched TTPs:
- T1597 - Search Closed Sources
- T1622 - Debugger Evasion
- T1556 - Modify Authentication Process
MITREへのリンク →
Score: 4.39
Matched TTPs:
- T1027.014 - Polymorphic Code
- T1622 - Debugger Evasion
MITREへのリンク →
Score: 7.55
Matched TTPs:
- T1027.014 - Polymorphic Code
- T1622 - Debugger Evasion
- T1546.017 - Udev Rules
MITREへのリンク →
Score: 4.54
Matched TTPs:
- T1685 - Disable or Modify Tools
MITREへのリンク →
Score: 5.78
Matched TTPs:
- T1584.002 - DNS Server
- T1622 - Debugger Evasion
MITREへのリンク →
Score: 4.13
Matched TTPs:
- T1130 - Install Root Certificate
MITREへのリンク →
Score: 4.13
Matched TTPs:
- T1130 - Install Root Certificate
MITREへのリンク →
Score: 6.19
Matched TTPs:
- T1189 - Drive-by Compromise
- T1622 - Debugger Evasion
MITREへのリンク →
Score: 4.54
Matched TTPs:
- T1543.002 - Systemd Service
MITREへのリンク →
Score: 6.88
Matched TTPs:
- T1055.005 - Thread Local Storage
- T1556 - Modify Authentication Process
MITREへのリンク →
Score: 4.39
Matched TTPs:
- T1622 - Debugger Evasion
- T1556 - Modify Authentication Process
MITREへのリンク →
Score: 4.39
Matched TTPs:
- T1622 - Debugger Evasion
- T1556 - Modify Authentication Process
MITREへのリンク →
Score: 8.67
Matched TTPs:
- T1546.007 - Netsh Helper DLL
- T1566.003 - Spearphishing via Service
MITREへのリンク →
このPulseに関連する脅威アクター (推論ベース)
Score: 0.78
Matched TTPs:
- T1027.014 - Polymorphic Code
- T1598.004 - Spearphishing Voice
- T1622 - Debugger Evasion
- T1518.002 - Backup Software Discovery
MITREへのリンク →
Score: 0.76
Matched TTPs:
- T1218.009 - Regsvcs/Regasm
- T1592.004 - Client Configurations
- T1138 - Application Shimming
MITREへのリンク →
Score: 0.64
Matched TTPs:
- T1597 - Search Closed Sources
- T1055.005 - Thread Local Storage
- T1622 - Debugger Evasion
- T1556 - Modify Authentication Process
MITREへのリンク →
Score: 0.61
Matched TTPs:
- T1027.014 - Polymorphic Code
- T1556 - Modify Authentication Process
- T1592.004 - Client Configurations
MITREへのリンク →
Score: 0.58
Matched TTPs:
- T1566.003 - Spearphishing via Service
- T1546.007 - Netsh Helper DLL
MITREへのリンク →
Related CVEs
このPulseに見つかったCVEはありません。
Pulse – 脅威アクター グラフ
← Pulse一覧に戻る
Trusted Design