ThaiCERT    ETDA    MDES
Report
Search
Home > List all groups > List all tools > List all groups using tool Crypta

Threat Group Cards: A Threat Actor Encyclopedia

Permanent link Tool: Crypta

NamesCrypta
CategoryMalware
TypeLoader
Description(Kaspersky) Dropping Elephant introduced a new loader for BADNEWS, a tool we named Crypta. It contains mechanisms to hinder detection and appears to be a core component of this APT actor’s recent toolset. Crypta and its variants have been observed in multiple scenarios loading a wide range of subsequent payloads, such as Bozok, QuasarRAT and LokiBot.
Information<https://securelist.com/apt-trends-report-q1-2021/101967/>

Last change to this tool card: 15 May 2021

Download this tool card in JSON format

All groups using tool Crypta

ChangedNameCountryObserved

APT groups

 Patchwork, Dropping ElephantIndia2013-Mar 2018 

1 group listed (1 APT, 0 other, 0 unknown)

Thailand Computer Emergency Response Team (ThaiCERT)
Electronic Transactions Development Agency

Follow us on

Facebook Twitter

Report incidents

Telephone +66 (0)2-123-1234
E-mail report@thaicert.or.th
PGP Download PGP key