Nerex

Nerex is a Trojan used by Elderwood to open a backdoor on compromised hosts. [1] [2]

ID: S0210
Type: MALWARE
Platforms: Windows

Version: 1.0

Techniques Used

DomainIDNameUse
EnterpriseT1116Code SigningNerex drops a signed Microsoft DLL to disk.[2]
EnterpriseT1112Modify RegistryNerex creates a Registry subkey that registers a new service.[2]
EnterpriseT1050New ServiceNerex creates a Registry subkey that registers a new service.[2]
EnterpriseT1105Remote File CopyNerex creates a backdoor through which remote attackers can download files onto a compromised host.[3]

Groups

Groups that use this software:

Elderwood

References