
Threat Group Cards: A Threat Actor Encyclopedia

Tool: ProcDump

Names: ProcDump
Category: Tools
Type: Credential stealer
Description: ProcDump is a command-line utility whose primary purpose is monitoring an application for CPU spikes and generating crash dumps during a spike that an administrator or developer can use to determine the cause of the spike. ProcDump also includes hung window monitoring (using the same definition of a window hang that Windows and Task Manager use), unhandled exception monitoring and can generate dumps based on the values of system performance counters. It also can serve as a general process dump utility that you can embed in other scripts.

Part of SysInternals.
Information: <https://docs.microsoft.com/en-us/sysinternals/downloads/procdump>

Last change to this tool card: 19 April 2020


All groups using tool ProcDump

APT groups

| Changed | Name | Country | Observed | |
|---|---|---|---|---|
| | APT 20, Violin Panda | China | 2014-2017 | |
| | Comment Crew, APT 1 | China | 2006-May 2018 | X |
| | Emissary Panda, APT 27, LuckyMouse, Bronze Union | China | 2010-Mar 2021 | |
| | Goblin Panda, Cycldek, Conimes | China | 2013-Jun 2020 | |
| | IAmTheKing | Russia | 2018 | |
| | Ke3chang, Vixen Panda, APT 15, GREF, Playful Dragon | China | 2010-May 2020 | |
| | Kimsuky, Velvet Chollima | North Korea | 2012-May 2021 | X |
| | Lazarus Group, Hidden Cobra, Labyrinth Chollima | North Korea | 2007-Spring 2021 | X |
| | Sofacy, APT 28, Fancy Bear, Sednit | Russia | 2004-Jun 2021 | HOT X |
| | TaskMasters | China | 2010-May 2021 | |

Other groups

| Changed | Name | Country | Observed | |
|---|---|---|---|---|
| | Parinacota | [Unknown] | 2018 | |

11 groups listed (10 APT, 1 other, 0 unknown)

Thailand Computer Emergency Response Team (ThaiCERT)
Electronic Transactions Development Agency
