IOC pivotioc · sha-256
8a99353662ccae117d2bb22efd8c43d7169060450be413af763e8ad7522d2451
?? · UnknownBlackSuitconfidence · high
SHA256 of the Chisel TCP/UDP-over-HTTP tunneling tool used by Royal/BlackSuit operators for C2 egress, listed in Table 4 of AA23-061A as of January 2023.
- family
- BlackSuit
- first seen
- Mar 1, 2023
- publisher
- CISA