สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์
Electronic Transactions Development Agency

Report

Home > List all groups > List all tools > List all groups using tool NukeSped

Threat Group Cards: A Threat Actor Encyclopedia

Tool: NukeSped

Names	NukeSped
Category	Malware
Type	Reconnaissance, Backdoor, Info stealer, Downloader
Description	(Fortinet) We have reverse-engineered the logic of the RAT and found many classical RAT features: • Iterate files in a folder • Create a process as another user • Iterate processes and modules • Terminate a process • Create a process • Write a file • Read a file • Connect to a remote host • Move a file • Retrieve and launch additional payloads from the internet • Get information about installed disks, including the disk type and the amount of free space on the disk • Get the current directory • Change to a different directory • Remove itself and artifacts associated with it from the infected system
Information	<https://www.fortinet.com/blog/threat-research/deep-analysis-nukesped-rat.html>
AlienVault OTX	<https://otx.alienvault.com/browse/pulses?q=tag:nukesped>

Last change to this tool card: 20 April 2020

Download this tool card in JSON format

Previous: Ntospy
Next: Numando

All groups using tool NukeSped

Changed	Name	Country	Observed
APT groups
	Lazarus Group, Hidden Cobra, Labyrinth Chollima		2007-Sep 2024

1 group listed (1 APT, 0 other, 0 unknown)

Digital Service Security Center
Electronic Transactions Development Agency

Follow us on

Report incidents

+66 (0)2-123-1227

[email protected]