สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์
Electronic Transactions Development Agency

Report

Home > List all groups > List all tools > List all groups using tool ASPXSpy

Threat Group Cards: A Threat Actor Encyclopedia

Tool: ASPXSpy

Names	ASPXSpy ASPXTool
Category	Malware
Type	Backdoor
Description	ASPXSpy is a Web shell. It has been modified by Threat Group-3390 actors to create the ASPXTool version.
Information	<https://www.secureworks.com/research/threat-group-3390-targets-organizations-for-cyberespionage> <https://github.com/ysrc/webshell-sample/blob/master/aspx/a91320483df0178eb3cafea830c1bd94585fc896.aspx>
MITRE ATT&CK	<https://attack.mitre.org/software/S0073/>
Malpedia	<https://malpedia.caad.fkie.fraunhofer.de/details/php.aspxspy>
AlienVault OTX	<https://otx.alienvault.com/browse/pulses?q=tag:AspxSpy>

Last change to this tool card: 30 December 2022

Download this tool card in JSON format

Previous: Asacub
Next: Asruex

All groups using tool ASPXSpy

Changed	Name	Country	Observed
APT groups
	Agrius		2020-May 2023
	APT 41		2012-Aug 2024
	Chafer, APT 39		2014-Sep 2020
	Dalbit		2022
	Emissary Panda, APT 27, LuckyMouse, Bronze Union		2010-Aug 2023
	Gelsemium		2014-Mid 2022
	Night Dragon		2009
	TaskMasters		2010-May 2021
	Turla, Waterbug, Venomous Bear		1996-Dec 2023
	Volatile Cedar		2012-Early 2020

10 groups listed (10 APT, 0 other, 0 unknown)

Digital Service Security Center
Electronic Transactions Development Agency

Follow us on

Report incidents

+66 (0)2-123-1227

[email protected]