Description
[Kazuar](https://attack.mitre.org/software/S0265) is a fully featured, multi-platform backdoor Trojan written using the Microsoft .NET framework. (Citation: Unit 42 Kazuar May 2017)
External References
Techniques Used by This Malware
- T1005 — Data from Local System
- T1008 — Fallback Channels
- T1010 — Application Window Discovery
- T1016 — System Network Configuration Discovery
- T1027 — Obfuscated Files or Information
- T1029 — Scheduled Transfer
- T1033 — System Owner/User Discovery
- T1047 — Windows Management Instrumentation
- T1055.001 — Dynamic-link Library Injection
- T1057 — Process Discovery
- T1059.003 — Windows Command Shell
- T1059.004 — Unix Shell
- T1069.001 — Local Groups
- T1070.004 — File Deletion
- T1071.001 — Web Protocols
- T1071.002 — File Transfer Protocols
- T1074.001 — Local Data Staging
- T1082 — System Information Discovery
- T1083 — File and Directory Discovery
- T1087.001 — Local Account
- T1090.001 — Internal Proxy
- T1102.002 — Bidirectional Communication
- T1105 — Ingress Tool Transfer
- T1113 — Screen Capture
- T1125 — Video Capture
- T1132.001 — Standard Encoding
- T1485 — Data Destruction
- T1543.003 — Windows Service
- T1547.001 — Registry Run Keys / Startup Folder
- T1547.009 — Shortcut Modification