HiddenFace
MITRE
Tipo Malware:
Other
Other
Prima attivita:
Unknown
Unknown
Ultima attivita:
Unknown
Unknown
Dettagli:
[HiddenFace](https://attack.mitre.org/software/S9023) is a modular backdoor developed and used exclusively by [MirrorFace](https://attack.mitre.org/groups/G1054) since at least 2021. [HiddenFace](https://attack.mitre.org/software/S9023) can communicate both actively and passively and has been used against political and academic targets.(Citation: JPCERT MirrorFace JUL 2024)(Citation: Trend Micro Earth Kasha NOV 2024)(Citation: Trend Micro Earth Kasha Updates APR 2025)
Tecniche Associate (27)
| ID | ATT&CK | Tattiche |
|---|---|---|
| T1005 | Data from Local System | - |
| T1008 | Fallback Channels | - |
| T1027.007 | Dynamic API Resolution | - |
| T1027.013 | Encrypted/Encoded File | - |
| T1033 | System Owner/User Discovery | - |
| T1053.005 | Scheduled Task | - |
| T1055 | Process Injection | - |
| T1057 | Process Discovery | - |
| T1070.006 | Timestomp | - |
| T1082 | System Information Discovery | - |
| T1090.001 | Internal Proxy | - |
| T1095 | Non-Application Layer Protocol | - |
| T1105 | Ingress Tool Transfer | - |
| T1112 | Modify Registry | - |
| T1127.001 | MSBuild | - |
Alias (6)
NOOPDOOR
NOOPDOOR
NOOPDOOR
NOOPDOOR
NOOPDOOR
NOOPDOOR
Usato da Attori (1)
Metadata
| ID: | 164537 |
| Created: | 28/04/2026 16:00 |
| Updated: | 01/05/2026 04:00 |