ETDA (Electronic Transactions Development Agency)

Threat Group Cards: A Threat Actor Encyclopedia

Tool: Freenki Loader

Names: Freenki Loader
Category: Malware
Type: Downloader
Description: (Palo Alto) Freenki has two main purposes. The first is to collect host information and the other is to serve as a second stage downloader. Each of these will be explained in detail in the following section.

Freenki depends on the right command line argument being passed to execute any of its interesting code; if no arguments are passed, it simply exits.
Information: <https://unit42.paloaltonetworks.com/unit42-freemilk-highly-targeted-spear-phishing-campaign/>
<http://blog.talosintelligence.com/2018/01/korea-in-crosshairs.html>
Malpedia: <https://malpedia.caad.fkie.fraunhofer.de/details/win.freenki>
AlienVault OTX: <https://otx.alienvault.com/browse/pulses?q=tag:freenki>

Last change to this tool card: 13 May 2020


All groups using tool Freenki Loader

Changed | Name | Country | Observed

APT groups

 | Reaper, APT 37, Ricochet Chollima, ScarCruft | North Korea | 2012-Mar 2022 | X

1 group listed (1 APT, 0 other, 0 unknown)

Digital Service Security Center
Electronic Transactions Development Agency
