SysUpdate

MITRE

Tipo Malware:
Other

Prima attivita:
Unknown

Ultima attivita:
Unknown

Dettagli:

[SysUpdate](https://attack.mitre.org/software/S0663) is a backdoor written in C++ that has been used by [Threat Group-3390](https://attack.mitre.org/groups/G0027) since at least 2020.(Citation: Trend Micro Iron Tiger April 2021)

Tecniche Associate (31)

ID	ATT&CK	Tattiche
T1005	Data from Local System	-
T1007	System Service Discovery	-
T1016	System Network Configuration Discovery	-
T1016.001	Internet Connection Discovery	-
T1027.002	Software Packing	-
T1027.011	Fileless Storage	-
T1027.013	Encrypted/Encoded File	-
T1033	System Owner/User Discovery	-
T1036.004	Masquerade Task or Service	-
T1041	Exfiltration Over C2 Channel	-
T1047	Windows Management Instrumentation	-
T1057	Process Discovery	-
T1070.004	File Deletion	-
T1071.004	DNS	-
T1082	System Information Discovery	-

Alias (315)

HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD HyperSSL Soldier FOCUSFJORD

Usato da Attori (1)

Threat Group-3390
Unknown

Metadata

ID:	540
Created:	13/01/2026 17:48
Updated:	06/03/2026 16:00