Software: China Chopper

From enterprise
Jump to: navigation, search
China Chopper
ID S0020
Aliases China Chopper
Type Malware

China Chopper is a Web shell hosted on Web servers to provide access back into an enterprise network that does not rely on an infected system calling back to a remote command and control server.1 It has been used by several threat groups, including Threat Group-3390.2

Techniques Used

  • Web Shell - The China Chopper backdoor is a Web shell that supports server payloads for many different kinds of server-side scripting languages and contains functionality to access files, connect to a database, and open a virtual command prompt.1


The following groups use this software: