ETDA สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์
Electronic Transactions Development Agency
Report
Search
Home > List all groups > List all tools > List all groups using tool ShadowPad Winnti

Threat Group Cards: A Threat Actor Encyclopedia

Permanent link Tool: ShadowPad Winnti

NamesShadowPad Winnti
POISONPLUG.SHADOW
XShellGhost
CategoryMalware
TypeBackdoor
Description(Kaspersky) ShadowPad: How Attackers hide Backdoor in Software used by Hundreds of Large Companies around the World.
Information<https://www.kaspersky.com/about/press-releases/2017_shadowpad-how-attackers-hide-backdoor-in-software-used-by-hundreds-of-large-companies-around-the-world>
<https://securelist.com/shadowpad-in-corporate-networks/81432/>
<https://cdn.securelist.com/files/2017/08/ShadowPad_technical_description_PDF.pdf>
<https://st.drweb.com/static/new-www/news/2020/october/Study_of_the_ShadowPad_APT_backdoor_and_its_relation_to_PlugX_en.pdf>
<https://labs.sentinelone.com/shadowpad-a-masterpiece-of-privately-sold-malware-in-chinese-espionage/>
<https://www.secureworks.com/research/shadowpad-malware-analysis>
Malpedia<https://malpedia.caad.fkie.fraunhofer.de/details/win.shadowpad>

Last change to this tool card: 03 April 2022

Download this tool card in JSON format

All groups using tool ShadowPad Winnti

ChangedNameCountryObserved

APT groups

XAPT 41China2012-Aug 2021X
 Bronze Butler, Tick, RedBaldNight, Stalker PandaChina2010-Apr 2021X
 Earth LuscaChina2019 
 Icefog, Dagger PandaChina2011-2018/2019 
 RedEchoChina2020 
 RedFoxtrotChina2014-Aug 2021 
 Space PiratesChina2017 
 TAG-22China2021 
 TAG-38China2021 
 Tonto Team, HartBeat, Karma PandaChina2009-Mar 2021 
 Tropic Trooper, Pirate Panda, APT 23, KeyBoyChina2011-Jul 2020 

11 groups listed (11 APT, 0 other, 0 unknown)

Digital Service Security Center
Electronic Transactions Development Agency

Follow us on

Facebook Twitter

Report incidents

Telephone +66 (0)2-123-1227
E-mail [email protected]