 |
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ Electronic Transactions Development Agency |
|
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ Electronic Transactions Development Agency |
Tool: GOGGLES| Names | GOGGLES TROJAN.FOXY | |
| Category | Malware | |
| Type | Downloader | |
| Description | (Citizen Lab) a simple downloader that is controlled via encoded markers in files accessed over HTTP. The C2 communication method, commands, and particularly the data encoding method in GOGGLES are very similar to the sample we analyzed. The connection was initially noticed due to a shared string used in decoding methods, and the presence of the same two commands for each program. Follow-up code analysis confirmed that these programs share much of the same code, and use the same C2 server. It is very likely that GOGGLES is a later version of GLASSES. | |
| Information | <https://citizenlab.ca/2013/02/apt1s-glasses-watching-a-human-rights-organization/> | |
| Malpedia | <https://malpedia.caad.fkie.fraunhofer.de/details/win.goggles> | |
Last change to this tool card: 23 April 2020
Download this tool card in JSON format
| Changed | Name | Country | Observed | ||
APT groups | |||||
| Comment Crew, APT 1 |  | 2006-May 2018 |  | ||
1 group listed (1 APT, 0 other, 0 unknown)
|
Digital Service Security Center Follow us on
|
Report incidents |
|
 |
+66 (0)2-123-1227 | |
 |
[email protected] | |