Kevin

MITRE

Tipo Malware:
Other

Prima attivita:
Unknown

Ultima attivita:
Unknown

Dettagli:

[Kevin](https://attack.mitre.org/software/S1020) is a backdoor implant written in C++ that has been used by [HEXANE](https://attack.mitre.org/groups/G1001) since at least June 2020, including in operations against organizations in Tunisia.(Citation: Kaspersky Lyceum October 2021)

Tecniche Associate (21)

ID	ATT&CK	Tattiche
T1001.001	Junk Data	-
T1005	Data from Local System	-
T1008	Fallback Channels	-
T1016	System Network Configuration Discovery	-
T1027.013	Encrypted/Encoded File	-
T1030	Data Transfer Size Limits	-
T1036.003	Rename Legitimate Utilities	-
T1041	Exfiltration Over C2 Channel	-
T1059.003	Windows Command Shell	-
T1070.004	File Deletion	-
T1071.001	Web Protocols	-
T1071.004	DNS	-
T1074	Data Staged	-
T1082	System Information Discovery	-
T1105	Ingress Tool Transfer	-

Usato da Attori (1)

HEXANE
Unknown

Metadata

ID:	632
Created:	13/01/2026 17:48
Updated:	06/03/2026 16:00