CreepySnail

MITRE

Tipo Malware:
Other

Prima attivita:
Unknown

Ultima attivita:
Unknown

Dettagli:

[CreepySnail](https://attack.mitre.org/software/S1024) is a custom PowerShell implant that has been used by [POLONIUM](https://attack.mitre.org/groups/G1005) since at least 2022.(Citation: Microsoft POLONIUM June 2022)

Tecniche Associate (7)

ID	ATT&CK	Tattiche
T1016	System Network Configuration Discovery	-
T1033	System Owner/User Discovery	-
T1041	Exfiltration Over C2 Channel	-
T1059.001	PowerShell	-
T1071.001	Web Protocols	-
T1078.002	Domain Accounts	-
T1132.001	Standard Encoding	-

Usato da Attori (1)

POLONIUM
Nation-state

Metadata

ID:	580
Created:	13/01/2026 17:48
Updated:	06/03/2026 16:00