Patchwork Hackers Target Chinese Research Organizations Using EyeShell Backdoor

EyeShell is a .NET-based modular backdoor that can contact a remote C2 server and execute commands to enumerate files and directories, download and upload files to and from the host, execute a specified file, delete files, and capture screenshots.