Malware: Crutch

Description

[Crutch](https://attack.mitre.org/software/S0538) is a backdoor designed for document theft that has been used by [Turla](https://attack.mitre.org/groups/G0010) since at least 2015.(Citation: ESET Crutch December 2020)

External References

• mitre-attack
• ESET Crutch December 2020

Techniques Used by This Malware

• T1005 — Data from Local System
• T1008 — Fallback Channels
• T1020 — Automated Exfiltration
• T1025 — Data from Removable Media
• T1036.004 — Masquerade Task or Service
• T1041 — Exfiltration Over C2 Channel
• T1053.005 — Scheduled Task
• T1071.001 — Web Protocols
• T1074.001 — Local Data Staging
• T1102.002 — Bidirectional Communication
• T1119 — Automated Collection
• T1120 — Peripheral Device Discovery
• T1560.001 — Archive via Utility
• T1567.002 — Exfiltration to Cloud Storage
• T1574.001 — DLL

APT Groups Using This Malware

• Turla