ETDA สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์
Electronic Transactions Development Agency
Report
Search
Home > List all groups > List all tools > List all groups using tool PINEGROVE

Threat Group Cards: A Threat Actor Encyclopedia

Permanent link Tool: PINEGROVE

NamesPINEGROVE
CategoryMalware
TypeExfiltration
Description(Mandiant) During the intrusion, Mandiant observed APT41 leveraging PINEGROVE for their data exfiltration. PINEGROVE is a command-line uploader written in Go with functionality to collect and upload a file to OneDrive via the OneDrive API. PINEGROVE expects an authentication JSON file including relevant OneDrive credentials and the target file to upload.
Information<https://cloud.google.com/blog/topics/threat-intelligence/apt41-arisen-from-dust>

Last change to this tool card: 26 August 2024

Download this tool card in JSON format

All groups using tool PINEGROVE

ChangedNameCountryObserved

APT groups

 APT 41China2012-Aug 2024X

1 group listed (1 APT, 0 other, 0 unknown)

Digital Service Security Center
Electronic Transactions Development Agency

Follow us on

Facebook Twitter

Report incidents

Telephone +66 (0)2-123-1227
E-mail [email protected]