ETDA สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์
Electronic Transactions Development Agency
Report
Search
Home > List all groups > List all tools > List all groups using tool Mongall

Threat Group Cards: A Threat Actor Encyclopedia

Permanent link Tool: Mongall

NamesMongall
CategoryMalware
TypeBackdoor
Description(SentinelLabs) Mongall is a small backdoor going back to 2013, first described in a report by ESET. According to the report, the threat actor was trying to target the Telecommunications Department and the Vietnamese government. More recently, Aoqin Dragon has been reported targeting Southeast Asia with an upgraded Mongall encryption protocol and Themida packer.
Information<https://www.sentinelone.com/labs/aoqin-dragon-newly-discovered-chinese-linked-apt-has-been-quietly-spying-on-organizations-for-10-years/>
<https://www.fireeye.com/content/dam/fireeye-www/global/en/current-threats/pdfs/wp-operation-quantum-entanglement.pdf>
MITRE ATT&CK<https://attack.mitre.org/software/S1026/>
Malpedia<https://malpedia.caad.fkie.fraunhofer.de/details/win.mongall>
AlienVault OTX<https://otx.alienvault.com/browse/pulses?q=tag:Mongall>

Last change to this tool card: 30 December 2022

Download this tool card in JSON format

Previous: MoneyTaker
Next: MoonBounce

All groups using tool Mongall

ChangedNameCountryObserved

APT groups

 Aoqin DragonChina2013 
 DragonOKChina2015-Jan 2017 
 MoafeeChina2014 

3 groups listed (3 APT, 0 other, 0 unknown)

Digital Service Security Center
Electronic Transactions Development Agency

Follow us on

Facebook Twitter

Report incidents

Telephone +66 (0)2-123-1227
E-mail [email protected]