Taidoor

Taidoor is malware that has been used since at least 2010, primarily to target Taiwanese government organizations. [1]

ID: S0011
Type: MALWARE
Platforms: Windows
Version: 1.1
Created: 31 May 2017
Last Modified: 30 March 2020

Techniques Used

Domain: Enterprise
ID: T1573.001
Name: Encrypted Channel: Symmetric Cryptography
Use: Taidoor uses RC4 to encrypt the message body of HTTP content. [1]

Domain: Enterprise
ID: T1055
Name: Process Injection
Use: Taidoor can perform DLL loading. [1]

References