Malware

TClient

aka FIRESHADOW

Steve Miller pointed out that it is proxy-aware (Tencent) for C&C communication and uses wolfSSL, which makes it stick out.

TClient, also known as FIRESHADOW, is a Windows malware family operated by Pirate Panda.

Background

As noted by Steve Miller, this family stands out for two reasons: its C&C communication is proxy-aware (Tencent), and it relies on the wolfSSL library.


Source: Malpedia (Fraunhofer FKIE).