Goofy Guineapig
5 Rules
1 References
1 Folders
2023-05-15 Latest
Summary
Goofy Guineapig is tracked here as a malware family or toolset with 5 Sigma detections spanning 2021. Coverage centers on windows / process_creation, proxy, windows / file_event +1.
Related Detections
Emerging Threat · critical · test
Goofy Guineapig Backdoor Service Creation
Detects service creation persistence used by the Goofy Guineapig backdoor
Windows · system
TA0003 · Persistence · detection.emerging-threats
Nasreddine Bencherchali (Nextron Systems) · Mon May 15 · 2021
Emerging Threat · high · test
Potential Goofy Guineapig GoolgeUpdate Process Anomaly
Detects "GoogleUpdate.exe" spawning a new instance of itself in an uncommon location as seen used by the Goofy Guineapig backdoor
Windows · Process Creation
TA0005 · Stealth · detection.emerging-threats
X__Junior (Nextron Systems) +1 · Mon May 15 · 2021
Emerging Threat · high · test
Goofy Guineapig Backdoor IOC
Detects malicious indicators seen used by the Goofy Guineapig malware
Windows · File Event
TA0002 · Execution · TA0005 · Stealth · detection.emerging-threats
Nasreddine Bencherchali (Nextron Systems) · Sun May 14 · 2021
Emerging Threat · high · test
Goofy Guineapig Backdoor Potential C2 Communication
Detects potential C2 communication related to Goofy Guineapig backdoor
Proxy Log
TA0011 · Command and Control · detection.emerging-threats
Nasreddine Bencherchali (Nextron Systems) · Sun May 14 · 2021
Emerging Threat · high · test
Potential Goofy Guineapig Backdoor Activity
Detects a specific broken command that was used by Goofy-Guineapig as described by the NCSC report.
Windows · Process Creation
TA0002 · Execution · detection.emerging-threats
X__Junior (Nextron Systems) · Sun May 14 · 2021
References