Cyber Threat Report: 'Pelmeni Wrapper: New Wrapper of Kazuar (Turla Backdoor)'
| Report Author | Lab52 |
|---|---|
| Publication Date | 2024-02-19 |
| Original Reporting | Source |
| Attributed to Nation | Russia |
| Related Intrusion Sets | Turla |
| Related Threat Actors | FSB Center 16 |
Technical analysis of the 'Pelmeni Wrapper' using samples found on VirusTotal by researchers from Lab52. The investigation outlines how Pelmeni is used by Turla as part of their infection chain for current campaigns. The report includes indicators of compromise (IoCs), with malware hashes for multiple samples and command and control (C2) URLs.
Cyber Threat Graph Context
Explore how this report relates to the wider threat graph