Emerging Threats
Malware2021
Pingback
3Rules
2References
1Folders
2023-02-17Latest
Summary
Pingback is tracked here as a malware family or toolset with 3 Sigma detections spanning 2021. Coverage centers on windows / file_event, windows / image_load, windows / process_creation.
Related Detections
Search this threatEmerging Threathightest
Pingback Backdoor Activity
Detects the use of Pingback backdoor that creates ICMP tunnel for C2 as described in the trustwave report
WindowsProcess Creation
TA0004 · Privilege EscalationTA0005 · StealthTA0003 · PersistenceT1574.001 · DLL+1
Bhabesh RajWed May 052021
Emerging Threathightest
Pingback Backdoor DLL Loading Activity
Detects the use of Pingback backdoor that creates ICMP tunnel for C2 as described in the trustwave report
WindowsImage Load (DLL)
TA0004 · Privilege EscalationTA0005 · StealthTA0003 · PersistenceT1574.001 · DLL+1
Bhabesh RajWed May 052021
Emerging Threathightest
Pingback Backdoor File Indicators
Detects the use of Pingback backdoor that creates ICMP tunnel for C2 as described in the trustwave report
WindowsFile Event
TA0004 · Privilege EscalationTA0005 · StealthTA0003 · PersistenceT1574.001 · DLL+1
Bhabesh RajWed May 052021
References