ETDA สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์
Electronic Transactions Development Agency
Report
Search
Home > List all groups > List all tools > List all groups using tool Ghole

Threat Group Cards: A Threat Actor Encyclopedia

Permanent link Tool: Ghole

NamesGhole
Gholee
CoreImpact (Modified)
CategoryTools
TypeVulnerability scanner
Description(Trend Micro) GHOLE is a malware family derived from a modified Core Impact product. Core Impact is a penetration-testing product made by Core Security, a legitimate company.
Information<https://www.trendmicro.com/vinfo/us/security/news/cyber-attacks/operation-woolen-goldfish-when-kittens-go-phishing>
<https://www.clearskysec.com/gholee-a-protective-edge-themed-spear-phishing-campaign/>
<http://www.trendmicro.it/media/wp/operation-woolen-goldfish-whitepaper-en.pdf>
Malpedia<https://malpedia.caad.fkie.fraunhofer.de/details/win.ghole>
AlienVault OTX<https://otx.alienvault.com/browse/pulses?q=tag:ghole>

Last change to this tool card: 28 December 2022

Download this tool card in JSON format

All groups using tool Ghole

ChangedNameCountryObserved

APT groups

 Rocket Kitten, Newscaster, NewsBeefIran2011-2017 

1 group listed (1 APT, 0 other, 0 unknown)

Digital Service Security Center
Electronic Transactions Development Agency

Follow us on

Facebook Twitter

Report incidents

Telephone +66 (0)2-123-1227
E-mail [email protected]