S1031Windows

S1031PingPull

Platforms
1
ATT&CK
14.1
References
2

Description

[PingPull](https://attack.mitre.org/software/S1031) is a remote access Trojan (RAT) written in Visual C++ that has been used by [GALLIUM](https://attack.mitre.org/groups/G0093) since at least June 2022. [PingPull](https://attack.mitre.org/software/S1031) has been used to target telecommunications companies, financial institutions, and government entities in Afghanistan, Australia, Belgium, Cambodia, Malaysia, Mozambique, the Philippines, Russia, and Vietnam.(Citation: Unit 42 PingPull Jun 2022)

Platforms· 1

Windows

Attributed to1

TypeTargetConfidenceTier
GroupGALLIUMg0093100%live

References

  1. https://attack.mitre.org/software/S1031
  2. https://unit42.paloaltonetworks.com/pingpull-gallium/

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Software
ZxxZ
Software
Action RAT
Software
KEYPLUG
Software
SLOTHFULMEDIA
Software
AuTo Stealer
Software
Octopus
Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, SQUR.