ETDA สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์
Electronic Transactions Development Agency
Report
Search
Home > List all groups > List all tools > List all groups using tool sip_telephone

Threat Group Cards: A Threat Actor Encyclopedia

Permanent link Tool: sip_telephone

Namessip_telephone
CategoryMalware
TypeReconnaissance
Description(Trend Micro) sip_telephone, also named in the PDB path as such, uses Windows Management Instrumentation (WMI) to get the AV installed in the machine, its computer name, and processor ID, among others. It performs tasks in an endless loop, with 100 seconds of sleep time.
Information<https://documents.trendmicro.com/assets/research-deciphering-confucius-cyberespionage-operations.pdf>

Last change to this tool card: 20 April 2020

Download this tool card in JSON format

All groups using tool sip_telephone

ChangedNameCountryObserved

APT groups

 ConfuciusIndia2013-Aug 2021 

1 group listed (1 APT, 0 other, 0 unknown)

Digital Service Security Center
Electronic Transactions Development Agency

Follow us on

Facebook Twitter

Report incidents

Telephone +66 (0)2-123-1227
E-mail [email protected]