Flagpro

Description

(NTT) Flagpro is used in the initial stage of attacks to investigate target’s environment, download a second stage malware and execute it. An attack case using Flagpro starts with a spear phishing e-mail. The message is adjusted to its target organization. It is disguised as an e-mail communication with target’s business partner. This means the attackers probed deeper into their target before attacking.

Names

Name
Flagpro
BUSYICE

Category

Malware

Type

• Reconnaissance
• Downloader

Information

• https://insight-jp.nttsecurity.com/post/102hf3q/flagpro-the-new-malware-used-by-blacktech

Mitre Attack

• https://attack.mitre.org/software/S0696/

Malpedia

• https://malpedia.caad.fkie.fraunhofer.de/details/win.flagpro

Other Information

Uuid

bfa272b8-48ab-4157-b8c2-451f5e7a9be6

Last Card Change

2022-12-30