
| Names | Mongall | |
| Category | Malware | |
| Type | Backdoor | |
| Description | (SentinelLabs) Mongall is a small backdoor going back to 2013, first described in a report by ESET. According to the report, the threat actor was trying to target the Telecommunications Department and the Vietnamese government. More recently, Aoqin Dragon has been reported targeting Southeast Asia with an upgraded Mongall encryption protocol and Themida packer. | |
| Information | <https://www.sentinelone.com/labs/aoqin-dragon-newly-discovered-chinese-linked-apt-has-been-quietly-spying-on-organizations-for-10-years/> <https://www.fireeye.com/content/dam/fireeye-www/global/en/current-threats/pdfs/wp-operation-quantum-entanglement.pdf> | |
| MITRE ATT&CK | <https://attack.mitre.org/software/S1026/> | |
| Malpedia | <https://malpedia.caad.fkie.fraunhofer.de/details/win.mongall> | |
| AlienVault OTX | <https://otx.alienvault.com/browse/pulses?q=tag:Mongall> | |
Last change to this tool card: 30 December 2022
APT groups
| Changed | Name | Country | Observed |
| | Aoqin Dragon | | 2013 |
| | DragonOK | | 2015-Jan 2017 |
| | Moafee | | 2014 |
3 groups listed (3 APT, 0 other, 0 unknown)