ETDA สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์
Electronic Transactions Development Agency
Report
Search
Home > List all groups > List all tools > List all groups using tool QUEUESEED

Threat Group Cards: A Threat Actor Encyclopedia

Permanent link Tool: QUEUESEED

NamesQUEUESEED
IcyWell
Kapeka
CategoryMalware
TypeBackdoor
Description(BleepingComputer) C++ backdoor for Windows that collects basic system information and executes commands from a remote server. It handles file operations, command execution, and configuration updates and can delete itself. Communications are secured via HTTPS, and data is encrypted using RSA and AES. It stores its data and maintains persistence on infected systems by encrypting its configuration in the Windows registry and setting up tasks or registry entries for automatic execution.
Information<https://www.bleepingcomputer.com/news/security/russian-sandworm-hackers-targeted-20-critical-orgs-in-ukraine/>

Last change to this tool card: 23 April 2024

Download this tool card in JSON format

Previous: QueenOfHearts
Next: Quickcafe

All groups using tool QUEUESEED

ChangedNameCountryObserved

APT groups

 Sandworm Team, Iron Viking, Voodoo BearRussia2009-Mar 2024X

1 group listed (1 APT, 0 other, 0 unknown)

Digital Service Security Center
Electronic Transactions Development Agency

Follow us on

Facebook Twitter

Report incidents

Telephone +66 (0)2-123-1227
E-mail [email protected]