ETDA สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์
Electronic Transactions Development Agency
Report
Search
Home > List all groups > List all tools > List all groups using tool SwiftSlicer

Threat Group Cards: A Threat Actor Encyclopedia

Permanent link Tool: SwiftSlicer

NamesSwiftSlicer
JaguarBlade
CategoryMalware
TypeWiper
Description(ESET) SwiftSlicer is detected by ESET products as WinGo/KillFiles.C. The malware was written in Go, a highly versatile, cross-platform programming language.

When it comes to SwiftSlicer’s method of destruction, ESET researchers had this to say: “Once executed it deletes shadow copies, recursively overwrites files located in %CSIDL_SYSTEM%\drivers, %CSIDL_SYSTEM_DRIVE%\Windows\NTDS and other non-system drives and then reboots computer. For overwriting it uses 4096 bytes length block filled with randomly generated byte”.
Information<https://www.welivesecurity.com/2023/01/27/swiftslicer-new-destructive-wiper-malware-ukraine/>
Malpedia<https://malpedia.caad.fkie.fraunhofer.de/details/win.swiftslicer>

Last change to this tool card: 22 June 2023

Download this tool card in JSON format

All groups using tool SwiftSlicer

ChangedNameCountryObserved

APT groups

 Sandworm Team, Iron Viking, Voodoo BearRussia2009-Mar 2024X

1 group listed (1 APT, 0 other, 0 unknown)

Digital Service Security Center
Electronic Transactions Development Agency

Follow us on

Facebook Twitter

Report incidents

Telephone +66 (0)2-123-1227
E-mail [email protected]