Active since 2019, Nitrokod is a Turkish-speaking software developer that claims to offer free and safe software. Most of the programs Nitrokod offers are popular software that does not have an official desktop version. The applications are, in fact, Trojanized and contain a delayed mechanism that unleashes a long multi-stage infection ending with crypto mining malware.
GROUP: MISP FEED
MALWARE FAMILY: Nitrokod
ATT&CK IDS: T1053 - Scheduled Task/Job, T1547 - Boot or Logon Autostart Execution, T1036 - Masquerading, T1049 - System Network Connections Discovery, T1070 - Indicator Removal on Host, T1560 - Archive Collected Data, T1002 - Data Compressed