Actor(s): APT 29, APT29
According to Unit 42, this is a .NET x64 malware capable of interacting with Google Drive, allowing an attacker to have victim information uploaded and payloads delivered.
2023-03-27 ⋅ Google ⋅ Threat Horizons: April 2023 Threat Horizons Report
2022-07-19 ⋅ R136a1 ⋅ A look into APT29's new early-stage Google Drive downloader
BEATDROP BOOMBOX Gdrive Unidentified 098 (APT29 Slack Downloader)
2022-07-19 ⋅ Palo Alto Networks Unit 42 ⋅ Russian APT29 Hackers Use Online Storage Services, DropBox and Google Drive
Cobalt Strike EnvyScout Gdrive
There is no YARA signature yet.