สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์
Electronic Transactions Development Agency

Report

Home > List all groups > List all tools > List all groups using tool ShadowPad Winnti

Threat Group Cards: A Threat Actor Encyclopedia

Tool: ShadowPad Winnti

Names	ShadowPad Winnti POISONPLUG.SHADOW XShellGhost
Category	Malware
Type	Backdoor
Description	(Kaspersky) ShadowPad: How Attackers hide Backdoor in Software used by Hundreds of Large Companies around the World.
Information	<https://www.kaspersky.com/about/press-releases/2017_shadowpad-how-attackers-hide-backdoor-in-software-used-by-hundreds-of-large-companies-around-the-world> <https://securelist.com/shadowpad-in-corporate-networks/81432/> <https://cdn.securelist.com/files/2017/08/ShadowPad_technical_description_PDF.pdf> <https://st.drweb.com/static/new-www/news/2020/october/Study_of_the_ShadowPad_APT_backdoor_and_its_relation_to_PlugX_en.pdf> <https://labs.sentinelone.com/shadowpad-a-masterpiece-of-privately-sold-malware-in-chinese-espionage/> <https://www.secureworks.com/research/shadowpad-malware-analysis>
Malpedia	<https://malpedia.caad.fkie.fraunhofer.de/details/win.shadowpad>

Last change to this tool card: 03 April 2022

Download this tool card in JSON format

All groups using tool ShadowPad Winnti

Changed	Name	Country	Observed
APT groups
	APT 41		2012-Aug 2024
	Bronze Butler, Tick, RedBaldNight, Stalker Panda		2006-Apr 2021
	Earth Krahang		2022
	Earth Lusca		2019-Sep 2024
	Icefog, Dagger Panda		2011-2018/2019
	Mustang Panda, Bronze President		2012-Mar 2024
	RedEcho		2020
	RedFoxtrot		2014-Aug 2021
	RedHotel, TAG-22		2021
	Space Pirates		2017-Sep 2022
	TAG-38		2021
	Tonto Team, HartBeat, Karma Panda		2009-Apr 2023
	Tropic Trooper, Pirate Panda, APT 23, KeyBoy		2011-Jun 2023
	Velvet Ant		2023-Jul 2024

14 groups listed (14 APT, 0 other, 0 unknown)

Digital Service Security Center
Electronic Transactions Development Agency

Follow us on

Report incidents

+66 (0)2-123-1227

[email protected]