Names | Pierogi | |
Category | Malware | |
Type | Backdoor | |
Description | (Cybereason) Pierogi, the backdoor in this attack, appears to be a new backdoor written in Delphi. It enables the attackers to spy on victims using rather basic backdoor capabilities. While it is unknown at this point whether the backdoor was coded by the same members of the group behind the attacks, there are indications that suggest that the malware was authored by Ukranian-speaking malware developers. The commands used to communicate with the C2 servers and other strings in the binary are written in Ukrainian. | |
Information | <https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-2-the-discovery-of-the-new-mysterious-pierogi-backdoor> | |
Malpedia | <https://malpedia.caad.fkie.fraunhofer.de/details/win.pierogi> | |
AlienVault OTX | <https://otx.alienvault.com/browse/pulses?q=tag:Pierogi> |
Last change to this tool card: 24 April 2021
Download this tool card in JSON format
Previous: PICKPOCKET
Next: PiggyBack
Changed | Name | Country | Observed | ||
APT groups | |||||
Molerats, Extreme Jackal, Gaza Cybergang | [Gaza] | 2012-Jul 2023 |
1 group listed (1 APT, 0 other, 0 unknown)
Digital Service Security Center Follow us on |
Report incidents |
|
+66 (0)2-123-1227 | ||
[email protected] |