FLAME PC VERSION : SUMURI
Click to enlarge
Eagle Test Systems Software Suite
Eagle Test Systems Software Suite : SUMURI $1,000.00
Back to products
Flame Portable EDR : SUMURI Digital Forensics
Flame Portable EDR : SUMURI Digital Forensics $1,700.00

FLAME PC VERSION : SUMURI

$5,000.00

The price of a three-year FLAME PC VERSION subscription is $15,000 .

Add to compare
Add to wishlist
0 People watching this product now!
Category:
Description

Description

FLAME PC VERSION is a hardware and software complex combining a PCI Express card and 2 USB boxes with modular software designed to recover data from damaged hard disks and/or copy by using hardware direct control over the disk. F.L.A.M.E. makes it possible to manage data recovery phases from the diagnosis to drive restoration and copy to a healthy drive or file image.

Flame PC VERSION is a sophisticated toolkit that has been used to collect information since at least 2010, largely targeting Middle East countries.

ID: S0143
Associated Software: Flamer, sKyWIper
Type: MALWARE
Platforms: Windows
Version: 1.1
Created: 31 May 2017
Last Modified: 16 April 2025
Version Permalink

FLAME PC VERSION  Associated Software Descriptions

Name Description
Flamer [1] [2]
sKyWIper [1] [3]

FLAME PC VERSION  Techniques Used

Domain ID Name Use
Enterprise T1123 Audio Capture Flame can record audio using any existing hardware recording devices.
Enterprise T1547 .002 Boot or Logon Autostart ExecutionAuthentication Package Flame can use Windows Authentication Packages for persistence.
Enterprise T1136 .001 Create AccountLocal Account Flame can create backdoor accounts with login “HelpAssistant” on domain connected systems if appropriate rights are available.
Enterprise T1011 .001 Exfiltration Over Other Network MediumExfiltration Over Bluetooth Flame has a module named BeetleJuice that contains Bluetooth functionality that may be used in different ways, including transmitting encoded information from the infected system over the Bluetooth protocol, acting as a Bluetooth beacon, and identifying other Bluetooth devices in the vicinity.
Enterprise T1210 Exploitation of Remote Services Flame can use MS10-061 to exploit a print spooler vulnerability in a remote system with a shared printer in order to move laterally.
Enterprise T1036 .010 MasqueradingMasquerade Account Name Flame can create backdoor accounts with login HelpAssistant on domain connected systems if appropriate rights are available.
Enterprise T1091 Replication Through Removable Media Flame contains modules to infect USB sticks and spread laterally to other Windows systems the stick is plugged into using Autorun functionality.
Enterprise T1113 Screen Capture Flame can take regular screenshots when certain applications are open that are sent to the command and control server.
Enterprise T1518 .001 Software DiscoverySecurity Software Discovery Flame identifies security software such as antivirus through the Security module.
Enterprise T1218 .011 System Binary Proxy ExecutionRundll32 Rundll32.exe is used as a way of executing Flame at the command-line.
ICS T0893 Data from Local System Flame has built-in modules to gather information from compromised computers. 
ICS T0882 Theft of Operational Information Flame can collect AutoCAD design data and visio diagrams as well as other documents that may contain operational information.
Reviews (0)

Reviews

There are no reviews yet.

Be the first to review “FLAME PC VERSION : SUMURI”

Related products

Eagle LP Suite : SUMURI
Add to compare
Quick view
Add to wishlist
Add to cart

Eagle LP Suite : SUMURI

$800.00
Eagle Test Systems Software Suite
Add to compare
Quick view
Add to wishlist
Add to cart

Eagle Test Systems Software Suite : SUMURI

$1,000.00
Flame Portable EDR : SUMURI Digital Forensics
Add to compare
Quick view
Add to wishlist
Add to cart

Flame Portable EDR : SUMURI Digital Forensics

$1,700.00
HEADSWAP TOOLSET : SUMURI
Add to compare
Quick view
Add to wishlist
Add to cart

HEADSWAP TOOLSET : SUMURI

$1.00