216.73.216.128

SUGARUSH

The MITRE Corporation · Published 04/10/2022 23:48 · Modified 27/03/2026 01:03 Family

Essential information

Confidence
100/100
Is family
Yes
Published
04/10/2022 23:48
Modified
27/03/2026 01:03
Revoked
No
Author / Source
The MITRE Corporation
Related entities
28 attack patterns (mitre), 5 sectors, 1 countries, 20 indicators, 1 campaign, 1 campaigns

Description

[SUGARUSH](https://attack.mitre.org/software/S1049) is a small custom backdoor that can establish a reverse shell over TCP to a hard coded C2 address. [SUGARUSH](https://attack.mitre.org/software/S1049) was first identified during analysis of UNC3890's [C0010](https://attack.mitre.org/campaigns/C0010) campaign targeting Israeli companies, which began in late 2020.(Citation: Mandiant UNC3890 Aug 2022)

Marking (TLP)

TLP:CLEAR Copyright 2015-2025, The MITRE Corporation. MITRE ATT&CK and ATT&CK are registered trademarks of The MITRE Corporation.

External references