Threat Group Cards: A Threat Actor Encyclopedia
Archived: 2026-04-05 13:53:15 UTC
Home > List all groups > List all tools > List all groups using tool PLEAD
 Tool: PLEAD
Names
PLEAD
DRAWDOWN
GOODTIMES
Linopid
TSCookie
Category Malware
Type Reconnaissance, Backdoor, Info stealer, Credential stealer, Exfiltration
Description
(Trend Micro) PLEAD’s backdoor can:
• Harvest saved credentials from browsers and email clients like Outlook
• List drives, processes, open windows, and files
• Open remote Shell
• Upload target file
• Execute applications via ShellExecute API
• Delete target file
Information
MITRE ATT&CK Malpedia
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=9ed8c80d-8d26-487b-8b98-a31c2206e2ae
Page 1 of 2

AlienVault OTX <https://otx.alienvault.com/browse/pulses?q=tag:PLEAD>
Last change to this tool card: 30 December 2022
Download this tool card in JSON format
All groups using tool PLEAD
Changed Name Country Observed
APT groups
  BlackTech, Circuit Panda, Radio Panda 2010-Oct 2020  
1 group listed (1 APT, 0 other, 0 unknown)
Source: https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=9ed8c80d-8d26-487b-8b98-a31c2206e2ae
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=9ed8c80d-8d26-487b-8b98-a31c2206e2ae
Page 2 of 2