Threat Group Cards: A Threat Actor Encyclopedia
Archived: 2026-04-05 20:41:46 UTC
Home > List all groups > List all tools > List all groups using tool JackalSteal
 Tool: JackalSteal
Names JackalSteal
Category Malware
Type Info stealer, Exfiltration
Description
(Kaspersky) JackalSteal is another implant usually deployed on a few compromised machines
that is used to find files of interest on the target’s system and exfiltrate them to the C2 server.
This tool can be used to monitor removable USB drives, remote shares, and all logical drives
in the targeted system. The malware can work as a standard process or as a service. It cannot
maintain persistence, so it must be installed by another component.
Information Last change to this tool card: 21 June 2023
Download this tool card in JSON format
All groups using tool JackalSteal
Changed Name Country Observed
APT groups
 GoldenJackal [Unknown] 2019-2022
1 group listed (1 APT, 0 other, 0 unknown)
Source: https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=ef662f31-1298-45a0-ad9a-8c823c99edb1
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=ef662f31-1298-45a0-ad9a-8c823c99edb1
Page 1 of 1