Threat Group Cards: A Threat Actor Encyclopedia
Archived: 2026-04-05 16:56:22 UTC
Home > List all groups > List all tools > List all groups using tool FoundCore
 Tool: FoundCore
Names
FoundCore
RainyDay
Category Malware
Type Backdoor, Info stealer
Description
(Kaspersky) Communications with the server can take place either over raw TCP sockets
encrypted with RC4, or via HTTPS. Commands supported by FoundCore include filesystem
manipulation, process manipulation, screenshot captures and arbitrary command execution.
Information
Last change to this tool card: 15 May 2021
Download this tool card in JSON format
All groups using tool FoundCore
Changed Name Country Observed
APT groups
 Goblin Panda, Cycldek, Conimes 2013-Jun 2020
 Naikon, Lotus Panda 2010-Apr 2022
2 groups listed (2 APT, 0 other, 0 unknown)
Source: https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=fd134b1c-5367-4606-a171-2ab6a45ef77f
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=fd134b1c-5367-4606-a171-2ab6a45ef77f
Page 1 of 1