ETDA สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์
Electronic Transactions Development Agency
Report
Search
Home > List all groups > List all tools > List all groups using tool CreepyDrive

Threat Group Cards: A Threat Actor Encyclopedia

Permanent link Tool: CreepyDrive

NamesCreepyDrive
CategoryMalware
TypeBackdoor, Downloader, Exfiltration
Description(ESET) CreepyDrive is a PowerShell backdoor that reads and executes commands from a text file stored on OneDrive or Dropbox. It can upload or download files from attacker-controlled accounts in these cloud services, and execute supplied PowerShell code.
Information<https://www.welivesecurity.com/2022/10/11/polonium-targets-israel-creepy-malware/>
MITRE ATT&CK<https://attack.mitre.org/software/S1023/>

Last change to this tool card: 30 December 2022

Download this tool card in JSON format

Previous: CREDRIVER
Next: CreepySnail

All groups using tool CreepyDrive

ChangedNameCountryObserved

APT groups

 PoloniumLebanon2022-Sep 2022 

1 group listed (1 APT, 0 other, 0 unknown)

Digital Service Security Center
Electronic Transactions Development Agency

Follow us on

Facebook Twitter

Report incidents

Telephone +66 (0)2-123-1227
E-mail [email protected]