Skip to content

Hide Navigation Hide TOC

hcdLoader (12bb8f4f-af29-49a0-8c2c-d28468f28fd8)

hcdLoader is a remote access tool (RAT) that has been used by APT18.

Cluster A Galaxy A Cluster B Galaxy B Level
hcdLoader (12bb8f4f-af29-49a0-8c2c-d28468f28fd8) RAT hcdLoader - S0071 (9e2bba94-950b-4fcf-8070-cb3f816c5f4e) Malware 1
Windows Service - T1543.003 (2959d63f-73fd-46a1-abd2-109d7dcede32) Attack Pattern hcdLoader - S0071 (9e2bba94-950b-4fcf-8070-cb3f816c5f4e) Malware 2
Windows Command Shell - T1059.003 (d1fcf083-a721-4223-aedf-bf8960798d62) Attack Pattern hcdLoader - S0071 (9e2bba94-950b-4fcf-8070-cb3f816c5f4e) Malware 2
Windows Service - T1543.003 (2959d63f-73fd-46a1-abd2-109d7dcede32) Attack Pattern Create or Modify System Process - T1543 (106c0cf6-bf73-4601-9aa8-0945c2715ec5) Attack Pattern 3
Windows Command Shell - T1059.003 (d1fcf083-a721-4223-aedf-bf8960798d62) Attack Pattern Command and Scripting Interpreter - T1059 (7385dfaf-6886-4229-9ecd-6fd678040830) Attack Pattern 3