
Threat Group Cards: A Threat Actor Encyclopedia

Tool: Freenki Loader

Names: Freenki Loader
Category: Malware
Type: Downloader
Description: (Palo Alto) Freenki has two main purposes. The first is to collect host information and the other is to serve as a second stage downloader. Each of these will be explained in detail in the following section.

Freenki depends on the right command line argument being passed to execute any of its interesting code; if no arguments are passed, it simply exits.
Information: <https://unit42.paloaltonetworks.com/unit42-freemilk-highly-targeted-spear-phishing-campaign/>
<http://blog.talosintelligence.com/2018/01/korea-in-crosshairs.html>
Malpedia: <https://malpedia.caad.fkie.fraunhofer.de/details/win.freenki>
AlienVault OTX: <https://otx.alienvault.com/browse/pulses?q=tag:freenki>

Last change to this tool card: 13 May 2020


All groups using tool Freenki Loader

APT groups

| Changed | Name | Country | Observed | |
|---|---|---|---|---|
| | Reaper, APT 37, Ricochet Chollima, ScarCruft | North Korea | 2012-Dec 2020 | X |

1 group listed (1 APT, 0 other, 0 unknown)

Thailand Computer Emergency Response Team (ThaiCERT)
Electronic Transactions Development Agency
