SNUGRIDE

Malware Profile Updated 3 months ago
SNUGRIDE is a type of malware that was used in recent APT10 activity. Malware, or malicious software, is a harmful program designed to exploit and damage computers or devices. SNUGRIDE works as a backdoor that communicates with its C2 server through HTTP requests. It is often installed via traditional spear phishing and via access to victims' networks through managed service providers. The malware is part of a larger campaign that also includes HAYMAKER, BUGJUICE, and QUASARRAT. HAYMAKER and SNUGRIDE have been used as first-stage backdoors, while BUGJUICE and a customized version of the open-source QUASARRAT have been used as second-stage backdoors. These malware types allow attackers to gain access to victims' networks and steal sensitive information or disrupt their operations. To protect against these threats, it is important to take precautions such as avoiding suspicious downloads, emails, and websites. Organizations should also keep their network security measures up to date and invest in employee training to prevent cyber attacks. Vigilance and ongoing cybersecurity education are key to preventing attacks by SNUGRIDE and its associated malware types.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
| ID | Votes | Profile Description |
|---|---|---|
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Backdoor
Malware
Phishing
Associated Malware
| ID | Type | Votes | Profile Description |
|---|---|---|---|
No associations to display
Associated Threat Actors
| ID | Type | Votes | Profile Description |
|---|---|---|---|
| APT10 | Unspecified | 1 | APT10, also known as the Menupass Team, is a threat actor believed to operate on behalf of the Chinese Ministry of State Security (MSS). The group has been active since 2009 and is suspected to be based in Tianjin, China, according to research by IntrusionTruth in 2018. APT10 has primarily targeted |
Associated Vulnerabilities
| ID | Type | Votes | Profile Description |
|---|---|---|---|
No associations to display
Source Document References
Information about the SNUGRIDE Malware was read from the documents corpus below.
| Source | Created At | Title |
|---|---|---|
| MITRE | a year ago | APT10 MenuPass Group \| Global Targeting Using New Tools |
| MITRE | a year ago | Advanced Persistent Threats (APTs) \| Threat Actors & Groups |