China Chopper

MITRE

Tipo Malware:
Other

Prima attivita:
Unknown

Ultima attivita:
Unknown

Dettagli:

[China Chopper](https://attack.mitre.org/software/S0020) is a [Web Shell](https://attack.mitre.org/techniques/T1505/003) hosted on Web servers to provide access back into an enterprise network that does not rely on an infected system calling back to a remote command and control server.(Citation: Lee 2013) It has been used by several threat groups.(Citation: Dell TG-3390)(Citation: FireEye Periscope March 2018)(Citation: CISA AA21-200A APT40 July 2021)(Citation: Rapid7 HAFNIUM Mar 2021)

Tecniche Associate (10)

ID	ATT&CK	Tattiche
T1005	Data from Local System	-
T1027.002	Software Packing	-
T1046	Network Service Discovery	-
T1059.003	Windows Command Shell	-
T1070.006	Timestomp	-
T1071.001	Web Protocols	-
T1083	File and Directory Discovery	-
T1105	Ingress Tool Transfer	-
T1110.001	Password Guessing	-
T1505.003	Web Shell	-

Usato da Attori (9)

APT41
Nation-state

BackdoorDiplomacy
Unknown

Fox Kitten
Unknown

GALLIUM
Unknown

HAFNIUM
Unknown

Leviathan
Unknown

MUSTANG PANDA
Nation-state

Threat Group-3390
Unknown

ToddyCat
Unknown

Metadata

ID:	261
Created:	13/01/2026 17:48
Updated:	06/03/2026 16:00