SOFTWARE
SOFTWARE
A-B
C-D
E-F
G-H
I-J
K-L
M-N
O-P
Q-R
S-T
U-V
W-X
Get2
Get2 is a downloader written in C++ that has been used by TA505 to deliver FlawedGrace, FlawedAmmyy, Snatch and SDBbot.[1]
ID: S0460
ⓘ
Type: MALWARE
ⓘ
Platforms: Windows
Version: 1.0
Created: 29 May 2020
Last Modified: 16 June 2020
Techniques Used
| Domain | ID | Name | Use | |
|---|---|---|---|---|
| Enterprise | T1071 | .001 | Application Layer Protocol: Web Protocols |
Get2 has the ability to use HTTP to send information collected from an infected host to C2.[1] |
| Enterprise | T1059 | Command and Scripting Interpreter |
Get2 has the ability to run executables with command-line arguments.[1] |
|
| Enterprise | T1057 | Process Discovery |
Get2 has the ability to identify running processes on an infected host.[1] |
|
| Enterprise | T1055 | .001 | Process Injection: Dynamic-link Library Injection | |
| Enterprise | T1082 | System Information Discovery |
Get2 has the ability to identify the computer name and Windows version of an infected host.[1] |
|
| Enterprise | T1033 | System Owner/User Discovery |
Get2 has the ability to identify the current username of an infected host.[1] |
|
Groups That Use This Software
| ID | Name | References |
|---|---|---|
| G0092 | TA505 |
References
×