ETDA สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์
Electronic Transactions Development Agency

Threat Group Cards: A Threat Actor Encyclopedia

Tool: ProcDump

Names: ProcDump
Category: Tools
Type: Credential stealer
Description: ProcDump is a command-line utility whose primary purpose is monitoring an application for CPU spikes and generating crash dumps during a spike that an administrator or developer can use to determine the cause of the spike. ProcDump also includes hung window monitoring (using the same definition of a window hang that Windows and Task Manager use), unhandled exception monitoring and can generate dumps based on the values of system performance counters. It also can serve as a general process dump utility that you can embed in other scripts.

Part of SysInternals.
Information: <https://docs.microsoft.com/en-us/sysinternals/downloads/procdump>

Last change to this tool card: 20 April 2020

All groups using tool ProcDump

APT groups

| Changed | Name | Country | Observed |
|---|---|---|---|
| | Antlion | China | 2011 |
| | APT 20, Violin Panda | China | 2014-2017 |
| | Comment Crew, APT 1 | China | 2006-May 2018 X |
| X | Emissary Panda, APT 27, LuckyMouse, Bronze Union | China | 2010-Aug 2022 HOT |
| | FamousSparrow | [Unknown] | 2019 |
| | FIN13 | [Unknown] | 2016 |
| | GhostEmperor | China | 2020 |
| | Goblin Panda, Cycldek, Conimes | China | 2013-Jun 2020 |
| | IAmTheKing | Russia | 2018 |
| | Ke3chang, Vixen Panda, APT 15, GREF, Playful Dragon | China | 2010-May 2020 |
| X | Kimsuky, Velvet Chollima | North Korea | 2012-Early 2022 X |
| X | Lazarus Group, Hidden Cobra, Labyrinth Chollima | North Korea | 2007-Aug 2022 HOT X |
| | Operation Harvest | China | 2016 |
| | Sofacy, APT 28, Fancy Bear, Sednit | Russia | 2004-Jun 2022 HOT X |
| | TaskMasters | China | 2010-May 2021 |
| | UNC215 | China | 2019 |

Other groups

| Changed | Name | Country | Observed |
|---|---|---|---|
| | Parinacota | [Unknown] | 2018 |

17 groups listed (16 APT, 1 other, 0 unknown)

Digital Service Security Center