Question 1

What is S0042 — LOWBALL?

Accepted Answer

[LOWBALL](https://attack.mitre.org/software/S0042) is malware used by [admin@338](https://attack.mitre.org/groups/G0018). It was used in August 2015 in email messages targeting Hong Kong-based media organizations. (Citation: FireEye admin@338) Documented platforms: Windows.

Question 2

What is the authoritative source for S0042?

Accepted Answer

LOWBALL (S0042) is catalogued in MITRE ATT&CK Enterprise and curated for EU compliance use cases by SQUR.

S0042LOWBALL

Description

Platforms· 1

Attributed to1

References

Related by meaning· 6