ESET researchers are connecting Ke3chang APT with a new team.
Okrum was found abroad, indicating that the team is still working
Change the code
So far, researchers have found a new family of malware.
Ke3chang is associated with this group and is available.
Later, the property is owned by Ketrican, Okrum and RoyalDNS.
Associated with threat group
Okrum’s backdoor first appeared in December 2016,
Slovakia, Belgium, Chile, Guatemala,
Follow our blog on 18 July 2017 in Brazil.
An analysis of Ke3chang relations has already been published.
Okrum was recently discovered in the background and malware allows for expensive bills.
Okrum is believed to be led by a team of Ke3chang researchers.
After filming Ke3chang activities from 2015 to 2019
He concludes that the team is committed and striving for improvement
Sometimes the code
Scientists say Okrum is due to the tetrahedral base used
Throw in the back door of the series, built by 201 Ket. Okrum has a back door
Connect the dynamic library, which installs and loads the previous two steps
A component whose utility is stored in a PNG file.
In addition, Okrum has a similar effect on K3 modification
This is malicious and is a basic set of feedback commands.
Malicious software requires you to enter hidden instructions and execute external commands
Tools for a lot of their bad work.
All three back doors are designed for one type of organization
One or more goals that affect the district
According to Ketrican / RoyalDNS.