Names | Harpoon Garpun
Category | Malware
Type | Reconnaissance, Backdoor, Keylogger, Info stealer, Exfiltration
Description | (Qihoo 360) [Google translated] Harpoon is a backdoor program for specific users independently developed by the Golden Eagle (APT-C-34) organization, which is implemented using Delphi. We obtained the instruction manual of the backdoor. The backdoor has powerful information collection functions, including screen captures, audio recordings, clipboard records, keyboard records, and stealing files with specific extensions.

The STS Harpoon program provides the following functions:

• Keylogger
• Clipboard record
• Take screenshots of the active window on the desktop of the target computer at predetermined intervals;
• List the contents of a given directory on the hard disk of the target computer;
• Get Skype login name, contact list and chat messages;
• Get Skype and Google Hangouts callers and voice records;
• Record sound from the microphone and eavesdrop;
• Copy the specified file from the target computer;
• Automatically copy document files from removable media on the target computer;
• Package all the intercepted and copied information into an encrypted dat file, and then save them in the specified directory;
• Send the obtained information to the specified FTP;
• Run programs or operating system commands;
• Download files from a given FTP and release them to a specified directory;
• Remotely reconfigure and update components;
• Receive information from a given FTP and automatically unzip the file to a specified directory;
• Self-destruct

The information collected by the backdoor is encrypted and uploaded to the designated FTP server. The related collected information is in the encrypted configuration file.
Information | <http://blogs.360.cn/post/APT-C-34_Golden_Falcon.html> |
Last change to this tool card: 20 April 2020
Changed | Name | Country | Observed
APT groups
 | DustSquad, Golden Falcon | | 2014-2020
1 group listed (1 APT, 0 other, 0 unknown)