Threat Group Cards: A Threat Actor Encyclopedia
Archived: 2026-04-05 18:39:57 UTC
Home > List all groups > List all tools > List all groups using tool Truvasys
 Tool: Truvasys
Names Truvasys
Category Malware
Type Loader
Description
(Microsoft) A first-stage malware that has been in circulation for several years. Truvasys
has been involved in several attack campaigns, where it has masqueraded as one of
server common computer utilities, including WinUtils, TrueCrypt, WinRAR, or
SanDisk.
Information
MITRE ATT&CK Last change to this tool card: 22 April 2020
Download this tool card in JSON format
All groups using tool Truvasys
Changed Name Country Observed
APT groups
 Promethium, StrongPity 2012-Nov 2021
1 group listed (1 APT, 0 other, 0 unknown)
Source: https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=11dd235d-2f18-48d2-8fb6-24ca6fbcfda2
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=11dd235d-2f18-48d2-8fb6-24ca6fbcfda2
Page 1 of 1