win.quietsieve

QuietSieve

Actor(s): Gamaredon Group


According to Microsoft, this is a heavily obfuscated .NET malware family primarily geared towards exfiltrating data from the compromised host, but it can also receive and execute a remote payload from the operator.

References
2022-02-04 | Microsoft | Microsoft Digital Security Unit (DSU), Microsoft Threat Intelligence Center (MSTIC)
ACTINIUM targets Ukrainian organizations
DilongTrash, DinoTrain, Pteranodon, QuietSieve, Gamaredon Group

There is no Yara-Signature yet.