Threat Group Cards: A Threat Actor Encyclopedia
Archived: 2026-04-05 23:09:08 UTC
Home > List all groups > List all tools > List all groups using tool Dripion
 Tool: Dripion
Names
Dripion
Masson
Category Malware
Type Backdoor, Info stealer
Description
(Symantec) Once Dripion is installed, the attacker can access the user’s computer. Dripion has
the functionally of a back door Trojan, letting attackers upload, download, and steal pre-determined information from the victim, and execute remote commands. Information such as
the victim’s computer name and IP address are automatically transmitted to the C&C server
upon the initial infection.
Information
<https://community.broadcom.com/symantecenterprise/communities/community-home/librarydocuments/viewdocument?DocumentKey=b0649cc1-a60f-4cd7-ba3e-832e218de385&CommunityKey=1ecf5f55-9545-44d6-b0f4-
4e4a7f5f5e68&tab=librarydocuments>
Malpedia <https://malpedia.caad.fkie.fraunhofer.de/details/win.dripion>
Last change to this tool card: 28 December 2022
Download this tool card in JSON format
All groups using tool Dripion
Changed Name Country Observed
APT groups
  Taidoor 2008-Late 2015  
1 group listed (1 APT, 0 other, 0 unknown)
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=d4597535-d2c1-49d0-94ee-5cff2d72be8c
Page 1 of 2

Source: https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=d4597535-d2c1-49d0-94ee-5cff2d72be8c
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=d4597535-d2c1-49d0-94ee-5cff2d72be8c
Page 2 of 2

APT groups  Taidoor 2008-Late 2015 
1 group listed (1 APT, 0 other, 0 unknown) 
   Page 1 of 2