Malware: ELMER

Description

[ELMER](https://attack.mitre.org/software/S0064) is a non-persistent, proxy-aware HTTP backdoor written in Delphi that has been used by [APT16](https://attack.mitre.org/groups/G0023). (Citation: FireEye EPS Awakens Part 2)

External References

• mitre-attack
• FireEye EPS Awakens Part 2

Techniques Used by This Malware

• T1057 — Process Discovery
• T1071.001 — Web Protocols
• T1083 — File and Directory Discovery

APT Groups Using This Malware

• APT16