PACEMAKER

Malware & Tools · PACEMAKER

· MalwareS1109 · Zararlı Yazılım

Type

malware

Techniques

Used By

1 groups

Platforms

Network Devices, Linux

Description

PACEMAKER is a credential stealer that was used by APT5 as early as 2020 including activity against US Defense Industrial Base (DIB) companies.(Citation: Mandiant Pulse Secure Zero-Day April 2021)

Tactic Coverage

collection (2)credential access (1)stealth (1)privilege escalation (1)execution (1)discovery (1)

Used By (1 groups)

G1023APT5Mulberry Typhoon, MANGANESE

Techniques (6)

T1003.007Proc Filesystem

credential access

T1055.008Ptrace System Calls

stealthprivilege escalation

T1059.004Unix Shell

execution

T1074.001Local Data Staging

collection

T1083File and Directory Discovery

discovery

T1119Automated Collection

collection

References

https://attack.mitre.org/software/S1109 https://www.mandiant.com/resources/blog/suspected-apt-actors-leverage-bypass-techniques-pulse-secure-zero-day