win.gogra

GoGra

aka: Onedrivetools

According to Symantec, GoGra is a previously unseen backdoor that was deployed against a media organization in South Asia in November 2023. It is written in Go and uses the Microsoft Graph API to interact with a command-and-control (C&C) server hosted on Microsoft mail services.

References
2024-08-07, Symantec, Threat Hunter Team
Cloud Cover: How Malicious Actors Are Leveraging Cloud Services
GoGra MOONTAG Ondritols TONERJAM

There is no Yara-Signature yet.