 |
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ Electronic Transactions Development Agency |
|
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ Electronic Transactions Development Agency |
Tool: ISMInjector| Names | ISMInjector Agent Injector | |
| Category | Malware | |
| Type | Loader | |
| Description | (Palo Alto) In August 2017, we found this threat group has developed yet another Trojan that they call ‘Agent Injector’ with the specific purpose of installing the ISMAgent backdoor. We are tracking this tool as ISMInjector. It has a sophisticated architecture and contains anti-analysis techniques that we have not seen in previous tools developed by this threat group. The complex structure and inclusion of new anti-analysis techniques may suggest that this group is increasing their development efforts in order to evade detection and gain higher efficacy in their attacks. | |
| Information | <https://unit42.paloaltonetworks.com/unit42-oilrig-group-steps-attacks-new-delivery-documents-new-injector-trojan/> | |
| MITRE ATT&CK | <https://attack.mitre.org/software/S0189/> | |
| AlienVault OTX | <https://otx.alienvault.com/browse/pulses?q=tag:ISMInjector> | |
Last change to this tool card: 22 April 2020
Download this tool card in JSON format
Previous: ISMDoor
Next: IsSpace
| Changed | Name | Country | Observed | ||
APT groups | |||||
 | OilRig, APT 34, Helix Kitten, Chrysene |  | 2014-Sep 2024  |  | |
1 group listed (1 APT, 0 other, 0 unknown)
|
Digital Service Security Center Follow us on
|
Report incidents |
|
 |
+66 (0)2-123-1227 | |
 |
[email protected] | |