Pantegana

Description

(Recorded Future) Pantegana is an open-source malware family written in Go that features a cross-platform payload client (Windows, Linux, OSX) and uses HTTPS for C2 communications. It supports file upload and download, system fingerprinting, and direct command-line interaction with infected hosts. Pantegana also supports obfuscation using the open-source obfuscator Garble. Publicly reported use of Pantegana in the wild to date is minimal, other than a campaign exploiting a zero-day vulnerability in the Sophos Firewall appliance attributed by Volexity to the suspected Chinese state-sponsored threat activity group DriftingCloud.

Names

Name
Pantegana

Category

Tools

Type

  • Backdoor

Information

Other Information

Uuid

deff9b60-6a3c-4db2-9c46-1adc20420bfd

Last Card Change

2024-08-27