Threat Group Cards: A Threat Actor Encyclopedia

Tool: PyMICROPSIA

Names: PyMICROPSIA
Category: Malware
Type: Reconnaissance, Backdoor, Info stealer, Keylogger, Credential stealer, Downloader
Description: (Palo Alto) PyMICROPSIA has a rich set of information-stealing and control capabilities, including:
• File uploading.
• Payload downloading and execution.
• Browser credential stealing. Clearing browsing history and profiles.
• Taking screenshots.
• Keylogging.
• Compressing RAR files for stolen information.
• Collecting process information and killing processes.
• Collecting file listing information.
• Deleting files.
• Rebooting machine.
• Collecting Outlook .ost file. Killing and disabling Outlook process.
• Deleting, creating, compressing and exfiltrating files and folders.
• Collecting information from USB drives, including file exfiltration.
• Audio recording.
• Executing commands.
Information: <https://unit42.paloaltonetworks.com/pymicropsia/>

Last change to this tool card: 06 January 2021

All groups using tool PyMICROPSIA

Changed | Name | Country | Observed

APT groups

 | Desert Falcons | [Gaza] | 2011-Apr 2021 X

1 group listed (1 APT, 0 other, 0 unknown)

Thailand Computer Emergency Response Team (ThaiCERT)
Electronic Transactions Development Agency
