Threat Group Cards: A Threat Actor Encyclopedia
Archived: 2026-04-05 20:01:27 UTC
Home > List all groups > List all tools > List all groups using tool Tickler
 Tool: Tickler
Names Tickler
Category Malware
Type Backdoor
Description
(Microsoft) Microsoft Threat Intelligence identified two samples of the Tickler malware, a
custom multi-stage backdoor, that Peach Sandstorm deployed in compromised environments
as recently as July 2024. The first sample was contained in an archive file named Network
Security.zip alongside benign PDF files used as decoy documents.
Information
Last change to this tool card: 23 October 2024
Download this tool card in JSON format
All groups using tool Tickler
Changed Name Country Observed
APT groups
 APT 33, Elfin, Magnallium 2013-Apr 2024
1 group listed (1 APT, 0 other, 0 unknown)
Source: https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=1b9f8740-331d-4681-bf46-882a6922328e
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=1b9f8740-331d-4681-bf46-882a6922328e
Page 1 of 1