Malware

FoalShell

According to BI.ZONE, FoalShell is a simple reverse shell used by Cavalry Werewolf, written in Go, C++, and C#.

FoalShell is a Windows malware family operated by YoroTrooper.

Background

BI.ZONE reports that FoalShell is a lightweight reverse shell deployed by Cavalry Werewolf, with variants implemented in Go, C++, and C#. Once running on a victim machine, it lets operators issue arbitrary commands through the cmd.exe interpreter.


Source: Malpedia (Fraunhofer FKIE).