สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์
Electronic Transactions Development Agency

Report

Home > List all groups > List all tools > List all groups using tool SysUpdate

Threat Group Cards: A Threat Actor Encyclopedia

Tool: SysUpdate

Names	SysUpdate FOCUSFJORD HyperSSL
Category	Malware
Type	Backdoor, Loader, Downloader
Description	(SecureWorks) SysUpdate is a multi-stage malware used exclusively by BRONZE UNION. It has been delivered by multiple methods.
Information	<https://www.secureworks.com/research/a-peek-into-bronze-unions-toolbox> <https://research.nccgroup.com/2018/05/18/emissary-panda-a-potential-new-malicious-tool/> <https://www.trendmicro.com/en_us/research/21/d/iron-tiger-apt-updates-toolkit-with-evolved-sysupdate-malware-va.html>
Malpedia	<https://malpedia.caad.fkie.fraunhofer.de/details/win.hyperssl>

Last change to this tool card: 28 December 2021

Download this tool card in JSON format

All groups using tool SysUpdate

Changed	Name	Country	Observed
APT groups
	Emissary Panda, APT 27, LuckyMouse, Bronze Union		2010-Mar 2021

1 group listed (1 APT, 0 other, 0 unknown)

Digital Service Security Center
Electronic Transactions Development Agency

Follow us on

Report incidents

+66 (0)2-123-1227

[email protected]