Sowbug

MISP

Type:
Nation-state

Country:
Unknown

First seen:
Unknown

Details:

[Sowbug](https://attack.mitre.org/groups/G0054) is a threat group that has conducted targeted attacks against organizations in South America and Southeast Asia, particularly government entities, since at least 2015. (Citation: Symantec Sowbug Nov 2017)

MITRE ATT&CK: View on MITRE

Techniques Used (9)

ID	ATT&CK	Tactics
T1003	OS Credential Dumping	-
T1036.005	Match Legitimate Resource Name or Location	-
T1039	Data from Network Shared Drive	-
T1056.001	Keylogging	-
T1059.003	Windows Command Shell	-
T1082	System Information Discovery	-
T1083	File and Directory Discovery	-
T1135	Network Share Discovery	-
T1560.001	Archive via Utility	-

References (3)

Aliases (103)

G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054 G0054

Related Malware (2)

Felismus
other

Starloader
other

Metadata

ID:	155
Created:	13/01/2026 17:48
Updated:	06/03/2026 04:00