S0178 Truvasys

Platforms: 1
ATT&CK: 14.1
References: 4

Description

[Truvasys](https://attack.mitre.org/software/S0178) is first-stage malware that has been used by [PROMETHIUM](https://attack.mitre.org/groups/G0056). It is a collection of modules written in the Delphi programming language. (Citation: Microsoft Win Defender Truvasys Sep 2017) (Citation: Microsoft NEODYMIUM Dec 2016) (Citation: Microsoft SIR Vol 21)

Platforms · 1

Windows

Attributed to · 1

| Type | Target | Confidence | Tier |
|---|---|---|---|
| Group | PROMETHIUM (g0056) | 100% | live |

References

  1. https://attack.mitre.org/software/S0178
  2. https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=Backdoor:Win32/Truvasys.A!dha
  3. https://blogs.technet.microsoft.com/mmpc/2016/12/14/twin-zero-day-attacks-promethium-and-neodymium-target-individuals-in-europe/
  4. http://download.microsoft.com/download/E/B/0/EB0F50CC-989C-4B66-B7F6-68CD3DC90DE3/Microsoft_Security_Intelligence_Report_Volume_21_English.pdf

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

- Actor: PROMETHIUM
- Software: RTM
- Software: Volgmer
- Software: Zebrocy
- Software: Daserf
- Software: Psylo

Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, SQUR.