Malware
Minodo
Since late February 2023, Minodo Backdoor campaigns have been employed to deliver either the Project Nemesis information stealer or more sophisticated backdoors like Cobalt Strike.
Since late February 2023, Minodo Backdoor campaigns have been employed to deliver either the Project Nemesis information stealer or more sophisticated backdoors like Cobalt Strike. This backdoor collects basic system information, which it then transmits to the C2 server. In return, it receives an AES-encrypted payload. Notably, the Minodo Backdoor is designed to contact a different C2 address for domain-joined systems. This suggests that more capable backdoors, such as Cobalt Strike, are downloaded on higher-value targets instead of Project Nemesis.
Family metadata imported from Malpedia (Fraunhofer FKIE).