ETDA สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์
Electronic Transactions Development Agency
Report
Search
Home > List all groups > List all tools > List all groups using tool XDLoc

Threat Group Cards: A Threat Actor Encyclopedia

Permanent link Tool: XDLoc

NamesXDLoc
CategoryMalware
TypeReconnaissance
Description(ESET) XDLoc is a location discovery plug-in that retrieves a list of nearby Wi-Fi access points. It uses the WlanGetNetworkBssListWindows API function to retrieve the list of nearby BSSIDs and their signal strengths (RSSI). This information is then written in \wgl.dat. We believe that this information can be combined with databases of geolocation of known Wi-Fi access points in order to approximate the location of the victim’s device.
Information<https://vblocalhost.com/uploads/VB2020-Faou-Labelle.pdf>

Last change to this tool card: 19 October 2020

Download this tool card in JSON format

All groups using tool XDLoc

ChangedNameCountryObserved

APT groups

 XDSpy[Unknown]2011 

1 group listed (1 APT, 0 other, 0 unknown)

Digital Service Security Center
Electronic Transactions Development Agency

Follow us on

Facebook Twitter

Report incidents

Telephone +66 (0)2-123-1227
E-mail [email protected]