Crutch

MITRE

Malware Type:
Other

First seen:
Unknown

Last seen:
Unknown

Details:

[Crutch](https://attack.mitre.org/software/S0538) is a backdoor designed for document theft that has been used by [Turla](https://attack.mitre.org/groups/G0010) since at least 2015.(Citation: ESET Crutch December 2020)

Associated Techniques (15)

ID	ATT&CK	Tactics
T1005	Data from Local System	-
T1008	Fallback Channels	-
T1020	Automated Exfiltration	-
T1025	Data from Removable Media	-
T1036.004	Masquerade Task or Service	-
T1041	Exfiltration Over C2 Channel	-
T1053.005	Scheduled Task	-
T1071.001	Web Protocols	-
T1074.001	Local Data Staging	-
T1102.002	Bidirectional Communication	-
T1119	Automated Collection	-
T1120	Peripheral Device Discovery	-
T1560.001	Archive via Utility	-
T1567.002	Exfiltration to Cloud Storage	-
T1574.001	DLL	-

Used by Actors (1)

Turla
Nation-state

Metadata

ID:	413
Created:	13/01/2026 17:48
Updated:	06/03/2026 16:00