TABMSGSQL (d5a4cbe7-81c9-4a52-80ee-07ca3f625844)
This malware family is a full-featured backdoor capable of uploading and downloading files, executing arbitrary programs, and providing a remote interactive command shell. All communications with the C2 server are sent over HTTP to a static URL, with various URL parameters appended to the request. Some variants use a slightly different URL.
Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
---|---|---|---|---|
TABMSGSQL (d5a4cbe7-81c9-4a52-80ee-07ca3f625844) | Tool | TabMsgSQL (48aa9c41-f420-418b-975c-1fb6e2a91145) | Malpedia | 1 |