Threat Group Cards: A Threat Actor Encyclopedia
Archived: 2026-04-02 10:50:53 UTC
Home > List all groups > List all tools > List all groups using tool Elise
 Tool: Elise
Names
Elise
BKDR_ESILE
EVILNEST
Page
Category Malware
Type Backdoor, Exfiltration
Description
(Palo Alto) We believe that the Lotus Blossom group developed the Elise malware
specifically to meet the needs of the attack campaigns, and we’ve observed three
variants across 50 samples during the three-year period of these attacks. Elise is a
relatively sophisticated tool, including variants with the ability to evade detection in
virtual environments, connect to command-and-control servers for additional
instruction, and exfiltrate data.
Information
MITRE ATT&CK Malpedia Last change to this tool card: 30 December 2022
Download this tool card in JSON format
All groups using tool Elise
Changed Name Country Observed
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=f16f218c-6241-45d3-a9e3-9c4551aab26d
Page 1 of 2

APT groups
  Lotus Blossom, Spring Dragon, Thrip 2012-Aug 2024  
1 group listed (1 APT, 0 other, 0 unknown)
Source: https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=f16f218c-6241-45d3-a9e3-9c4551aab26d
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=f16f218c-6241-45d3-a9e3-9c4551aab26d
Page 2 of 2