PINEGROVE
Description
(Mandiant) During the intrusion, Mandiant observed APT41 leveraging PINEGROVE for their data exfiltration. PINEGROVE is a command-line uploader written in Go with functionality to collect and upload a file to OneDrive via the OneDrive API. PINEGROVE expects an authentication JSON file including relevant OneDrive credentials and the target file to upload.
Names
| Name |
|---|
| PINEGROVE |
Category
Malware
Type
- Exfiltration
Information
Malpedia
Other Information
Uuid
009cf2c1-7f43-4b26-abc4-38836a7f0309
Last Card Change
2024-12-27