QueenOfClubs

By GoldSparrow in Backdoors

Translate To:

QueenOfClubs was the subject of a report issued by the Department of Homeland Security CISA agency, where it was named SlothfulMedia. QueenOfClubs is a malware strain that fills the same role as KingOfHearts and QueenOfHearts in the toolkit of a sophisticated threat actor.

QueenOfClubs is a C++ backdoor that is equipped with all the functions attributed to this malware. It can manipulate the file system on the compromised system - delete files and folders, download, upload data, execute commands, list running process and shut any of them down. Compared to KingOfHearts, this threat has an expanded array of functions due to the inclusion of the ability to run PowerShell scripts. Another difference is that QueenOfClubs has a built-in screenshot grabber instead of relegating this task to a standalone utility.

As for QueenOfHearts, the researchers found multiple links between the two threats. Both malware strains use several identical hard coded file names, while traffic from both threats was observed to be directed towards the same Command-and-Control servers. Furthermore, both tools were sometimes deployed side by side on the compromised computer.

Enigma Software Group Prevails Over Malwarebytes at the Ninth Circuit

Search

Change Region

QueenOfClubs

Submit Comment

Trending

'YouPorn' Email Scam

Safe Search Eng

Findtheirreport.com

Most Viewed

Is Lookmovie.io Safe?

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen