Threat Group Cards: A Threat Actor Encyclopedia
Archived: 2026-04-05 19:09:54 UTC
Home > List all groups > List all tools > List all groups using tool Pisloader
 Tool: Pisloader
Names
Pisloader
Roseam
Category Malware
Type Backdoor
Description
Pisloader is a malware family that is notable due to its use of DNS as a C2 protocol as
well as its use of anti-analysis tactics. It has been used by APT18 and is similar to
another malware family, HTTPBrowser, that has been used by the group.
Information
MITRE ATT&CK Malpedia AlienVault OTX Last change to this tool card: 29 December 2022
Download this tool card in JSON format
All groups using tool Pisloader
Changed Name Country Observed
APT groups
 APT 18, Dynamite Panda, Wekby 2009-May 2016
1 group listed (1 APT, 0 other, 0 unknown)
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=af42a191-ee67-4870-8f17-1c69177627df
Page 1 of 2

Source: https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=af42a191-ee67-4870-8f17-1c69177627df
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=af42a191-ee67-4870-8f17-1c69177627df
Page 2 of 2