[adbupd] is a backdoor used by [PLATINUM]( that is similar to [Dipsind]( (Citation: Microsoft PLATINUM April 2016)


[Emissary] is a Trojan that has been used by [Lotus Blossom]( It shares code with [Elise](, with both Trojans being part of a malware group referred to as LStudio. (Citation: Lotus Blossom Dec 2015)

Exaramel for Linux

[Exaramel for Linux] is a backdoor written in the Go Programming Language and compiled as a 64-bit ELF binary. The Windows version is tracked separately under [Exaramel for Windows]( ESET TeleBots Oct 2018)


[KEYMARBLE] is a Trojan that has reportedly been used by the North Korean government. (Citation: US-CERT KEYMARBLE Aug 2018)


[BUBBLEWRAP] is a full-featured, second-stage backdoor used by the [admin@338]( group. It is set to run when the system boots and includes functionality to check, upload, and register plug-ins that can further enhance its capabilities. (Citation: FireEye admin@338)


[HAWKBALL] is a backdoor that was observed in targeting of the government sector in Central Asia.(Citation: FireEye HAWKBALL Jun 2019)


[Ursnif] is a banking trojan and variant of the Gozi malware observed being spread through various automated exploit kits, [Spearphishing Attachment](, and malicious links.(Citation: NJCCIC Ursnif Sept 2016)(Citation: ProofPoint Ursnif Aug 2016) [Ursnif] is associated primarily with data theft, but variants also include components (backdoors, spyware,


[ZLib] is a full-featured backdoor that was used as a second-stage implant by [Dust Storm]( from 2014 to 2015. It is malware and should not be confused with the compression library from which its name is derived. (Citation: Cylance Dust Storm)


[RedLeaves] is a malware family used by [menuPass]( The code overlaps with [PlugX]( and may be based upon the open source tool Trochilus. (Citation: PWC Cloud Hopper Technical Annex April 2017) (Citation: FireEye APT10 April 2017)


[Miner-C] is malware that mines victims for the Monero cryptocurrency. It has targeted FTP servers and Network Attached Storage (NAS) devices to spread. (Citation: Softpedia MinerC)