Software: ChChes

From ATT&CK
Jump to: navigation, search
ChChes
Software
ID S0144
Aliases ChChes
Type Malware

ChChes is a Trojan that appears to be used exclusively by menuPass. It was used to target Japanese organizations in 2016. Its lack of persistence methods suggests it may be intended as a first-stage tool.12

Techniques Used

  • Code Signing - ChChes samples were digitally signed with a certificate originally used by Hacking Team that was later leaked and subsequently revoked.12
  • Remote File Copy - ChChes is capable of downloading files, including additional modules.12

Groups

The following groups use this software: