BoxCaon

MITRE

Tipo Malware:
Other

Prima attivita:
Unknown

Ultima attivita:
Unknown

Dettagli:

[BoxCaon](https://attack.mitre.org/software/S0651) is a Windows backdoor that was used by [IndigoZebra](https://attack.mitre.org/groups/G0136) in a 2021 spearphishing campaign against Afghan government officials. [BoxCaon](https://attack.mitre.org/software/S0651)'s name stems from similarities shared with the malware family [xCaon](https://attack.mitre.org/software/S0653).(Citation: Checkpoint IndigoZebra July 2021)

Tecniche Associate (12)

ID	ATT&CK	Tattiche
T1005	Data from Local System	-
T1016	System Network Configuration Discovery	-
T1027	Obfuscated Files or Information	-
T1041	Exfiltration Over C2 Channel	-
T1059.003	Windows Command Shell	-
T1074.001	Local Data Staging	-
T1083	File and Directory Discovery	-
T1102.002	Bidirectional Communication	-
T1105	Ingress Tool Transfer	-
T1106	Native API	-
T1547	Boot or Logon Autostart Execution	-
T1567.002	Exfiltration to Cloud Storage	-

Usato da Attori (1)

IndigoZebra
Unknown

Metadata

ID:	411
Created:	13/01/2026 17:48
Updated:	06/03/2026 16:00