Malware: PACEMAKER

Description

[PACEMAKER](https://attack.mitre.org/software/S1109) is a credential stealer that was used by [APT5](https://attack.mitre.org/groups/G1023) as early as 2020 including activity against US Defense Industrial Base (DIB) companies.(Citation: Mandiant Pulse Secure Zero-Day April 2021)

External References

• mitre-attack
• Mandiant Pulse Secure Zero-Day April 2021

Techniques Used by This Malware

• T1003.007 — Proc Filesystem
• T1055.008 — Ptrace System Calls
• T1059.004 — Unix Shell
• T1074.001 — Local Data Staging
• T1083 — File and Directory Discovery
• T1119 — Automated Collection

APT Groups Using This Malware

• APT5