Threat Group Cards: A Threat Actor Encyclopedia
Archived: 2026-04-05 20:48:49 UTC
Home > List all groups > List all tools > List all groups using tool Pierogi
 Tool: Pierogi
Names Pierogi
Category Malware
Type Backdoor
Description
(Cybereason) Pierogi, the backdoor in this attack, appears to be a new backdoor written in
Delphi. It enables the attackers to spy on victims using rather basic backdoor capabilities.
While it is unknown at this point whether the backdoor was coded by the same members
of the group behind the attacks, there are indications that suggest that the malware was
authored by Ukranian-speaking malware developers. The commands used to
communicate with the C2 servers and other strings in the binary are written in Ukrainian.
Information
<https://www.cybereason.com/blog/new-cyber-espionage-campaigns-targeting-palestinians-part-2-the-discovery-of-the-new-mysterious-pierogi-backdoor>
Malpedia <https://malpedia.caad.fkie.fraunhofer.de/details/win.pierogi>
AlienVault OTX <https://otx.alienvault.com/browse/pulses?q=tag:Pierogi>
Last change to this tool card: 24 April 2021
Download this tool card in JSON format
All groups using tool Pierogi
Changed Name Country Observed
APT groups
  Molerats, Extreme Jackal, Gaza Cybergang [Gaza] 2012-Jul 2023  
1 group listed (1 APT, 0 other, 0 unknown)
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=5bd03b18-ff02-4502-a5ae-cfa8d4ff17c8
Page 1 of 2

Source: https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=5bd03b18-ff02-4502-a5ae-cfa8d4ff17c8
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=5bd03b18-ff02-4502-a5ae-cfa8d4ff17c8
Page 2 of 2

APT groups Molerats, Extreme Jackal, Gaza Cybergang [Gaza] 2012-Jul 2023 
1 group listed (1 APT, 0 other, 0 unknown) 
   Page 1 of 2