Threat Group Cards: A Threat Actor Encyclopedia
Archived: 2026-04-05 14:32:58 UTC
Home > List all groups > List all tools > List all groups using tool BINBASH
 Tool: BINBASH
Names BINBASH
Category Malware
Description
(Mandiant) BINBASH is a simple ELF utility that executes a shell after setting the group ID
and user ID to either 'root' or specified values. BINBASH appears to be a compilation of the
source code.
Information <https://www.mandiant.com/resources/unc2891-overview>
Last change to this tool card: 03 April 2022
Download this tool card in JSON format
All groups using tool BINBASH
Changed Name Country Observed
APT groups
  UNC2891 [Unknown] 2020  
1 group listed (1 APT, 0 other, 0 unknown)
Source: https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=5898eb99-a748-4532-be7e-1d05c1bcf707
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=5898eb99-a748-4532-be7e-1d05c1bcf707
Page 1 of 1