ETDA: Electronic Transactions Development Agency

Threat Group Cards: A Threat Actor Encyclopedia

Tool: DUSTPAN

Names: DUSTPAN
Category: Malware
Type: Dropper
Description: (Mandiant) DUSTPAN is an in-memory dropper written in C/C++ that decrypts and executes an embedded payload. Different variations of DUSTPAN may also load an external payload off disk from a hard-coded file path encrypted in the Portable Executable (PE) file. DUSTPAN may be configured to inject the decrypted payload into another process or create a new thread and execute it within its own process space.
Information:
<https://cloud.google.com/blog/topics/threat-intelligence/apt41-arisen-from-dust>
<https://cloud.google.com/blog/topics/threat-intelligence/apt41-us-state-governments>

Last change to this tool card: 26 August 2024


All groups using tool DUSTPAN

APT groups

| Changed | Name | Country | Observed |
|---|---|---|---|
| | APT 41 | China | 2012-Apr 2024 |

1 group listed (1 APT, 0 other, 0 unknown)
