Description
[CSPY Downloader](https://attack.mitre.org/software/S0527) is a tool designed to evade analysis and download additional payloads used by [Kimsuky](https://attack.mitre.org/groups/G0094).(Citation: Cybereason Kimsuky November 2020)
External References
Techniques Used by This Tool
- T1027.002 — Software Packing
- T1036.004 — Masquerade Task or Service
- T1053.005 — Scheduled Task
- T1070 — Indicator Removal
- T1070.004 — File Deletion
- T1071.001 — Web Protocols
- T1105 — Ingress Tool Transfer
- T1112 — Modify Registry
- T1204.002 — Malicious File
- T1497.001 — System Checks
- T1548.002 — Bypass User Account Control
- T1553.002 — Code Signing