Check out the results from our first round of ATT&CK Evaluations at attackevals.mitre.org!

Nerex

Nerex is a Trojan used by Elderwood to open a backdoor on compromised hosts. [1] [2]

ID: S0210
Aliases: Nerex
Type: MALWARE
Platforms: Windows

Version: 1.0

Alias Descriptions

NameDescription
Nerex[2]

Techniques Used

DomainIDNameUse
EnterpriseT1116Code SigningNerex drops a signed Microsoft DLL to disk.[2]
EnterpriseT1112Modify RegistryNerex creates a Registry subkey that registers a new service.[2]
EnterpriseT1050New ServiceNerex creates a Registry subkey that registers a new service.[2]
EnterpriseT1105Remote File CopyNerex creates a backdoor through which remote attackers can download files onto a compromised host.[3]

Groups

Groups that use this software:

Elderwood

References