Threat Group Cards: A Threat Actor Encyclopedia
Archived: 2026-04-05 22:41:26 UTC
Home > List all groups > List all tools > List all groups using tool TabMsgSQL
 Tool: TabMsgSQL
Names
TabMsgSQL
LETSGO
Category Malware
Type Backdoor, Exfiltration
Description
This malware family is a full-featured backdoor capable of file uploading and downloading,
arbitrary execution of programs, and providing a remote interactive command shell. All
communications with the C2 server are sent over HTTP to a static URL, appending various
URL parameters to the request. Some variants use a slightly different URL.
Information <http://contagiodump.blogspot.com/2013/03/mandiant-apt1-samples-categorized-by.html>
Malpedia <https://malpedia.caad.fkie.fraunhofer.de/details/win.tabmsgsql>
Last change to this tool card: 23 April 2020
Download this tool card in JSON format
All groups using tool TabMsgSQL
Changed Name Country Observed
APT groups
  Comment Crew, APT 1 2006-May 2018
1 group listed (1 APT, 0 other, 0 unknown)
Source: https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=980e694a-7e8e-4928-aec0-a19cc3e05a7c
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=980e694a-7e8e-4928-aec0-a19cc3e05a7c
Page 1 of 1