COMBOS (fa38b79c-9774-45a0-831c-24c6c8d39a22)
The COMBOS malware family is an HTTP based backdoor. The backdoor is capable of file upload, file download, spawning a interactive reverse shell, and terminating its own process. The backdoor may decrypt stored Internet Explorer credentials from the local system and transmit the credentials to the C2 server. The COMBOS malware family does not have any persistence mechanisms built into itself.
Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
---|---|---|---|---|
Combos (2b71a966-da08-4467-a785-cb6abf2fa65e) | Malpedia | COMBOS (fa38b79c-9774-45a0-831c-24c6c8d39a22) | Tool | 1 |