X-Agent (Malware Family)
By Fraunhofer FKIE
Archived: 2026-04-05 16:28:09 UTC
elf.xagent (Back to overview)
X-Agent
aka: splm, chopstick, fysbis
Actor(s): APT28
There is no description at this point.
References
2020-09-10 ⋅ Kaspersky Labs ⋅ GReAT
An overview of targeted attacks and APTs on Linux
Cloud Snooper Dacls DoubleFantasy MESSAGETAP Penquin Turla Tsunami elf.wellmess X-Agent
2020-01-01 ⋅ Secureworks ⋅ SecureWorks
IRON TWILIGHT
X-Agent X-Agent X-Agent Computrace HideDRV Sedreco Seduploader X-Agent XTunnel Zebrocy Zebrocy
(AutoIT)
2018-02-20 ⋅ Kaspersky Labs ⋅ GReAT
A Slice of 2017 Sofacy Activity
X-Agent Seduploader X-Agent Zebrocy Zebrocy (AutoIT) APT28
2017-02-20 ⋅ Contagio Dump ⋅ Mila Parkour
Part I. Russian APT - APT28 collection of samples including OSX XAgent
X-Agent Komplex Coreshell Downdelph HideDRV SEADADDY Sedreco Seduploader X-Agent XTunnel
2016-10-20 ⋅ ESET Research ⋅ ESET Research
En Route with Sednit Part 2: Observing the Comings and Goings
X-Agent Sedreco X-Agent XTunnel
2016-06-15 ⋅ CrowdStrike ⋅ Dmitri Alperovitch
Bears in the Midst: Intrusion into the Democratic National Committee
X-Agent ATI-Agent SEADADDY Seduploader X-Agent XTunnel APT28
https://malpedia.caad.fkie.fraunhofer.de/details/elf.xagent
Page 1 of 2

2016-02-12 ⋅ Palo Alto Networks Unit 42 ⋅ Bryan Lee, Rob Downs
A Look Into Fysbis: Sofacy’s Linux Backdoor
X-Agent
2016-02-12 ⋅ Palo Alto Networks Unit 42 ⋅ Bryan Lee, Rob Downs
A Look Into Fysbis: Sofacy’s Linux Backdoor
X-Agent
2015-12-17 ⋅ Bitdefender ⋅ Bitdefender
APT28 Under the Scope: A Journey into Exfiltrating Intelligence and Government Information
X-Agent XP PrivEsc (CVE-2014-4076)
There is no Yara-Signature yet.
Source: https://malpedia.caad.fkie.fraunhofer.de/details/elf.xagent
https://malpedia.caad.fkie.fraunhofer.de/details/elf.xagent
Page 2 of 2