Tool: QueenOfClubs| Names | QueenOfClubs SlothfulMedia | |
| Category | Malware | |
| Type | Backdoor, Info stealer | |
| Description | (Kaspersky) In the course of our investigations, we discovered another malware strain that appeared to fill the same role as QueenOfHearts. This C++ backdoor also offers similar features as KingOfHearts, as well as the ability to execute arbitrary Powershell scripts. One minute difference is that in this one, screenshot capture capabilities are embedded directly into the program instead of being handled by a separate utility. | |
| Information | <https://securelist.com/iamtheking-and-the-slothfulmedia-malware-family/99000/> <https://us-cert.cisa.gov/ncas/analysis-reports/ar20-275a> | |
| Malpedia | <https://malpedia.caad.fkie.fraunhofer.de/details/win.slothfulmedia> | |
Last change to this tool card: 23 April 2021
Download this tool card in JSON format
| Changed | Name | Country | Observed | ||
APT groups | |||||
| IAmTheKing |  | 2018 | |||
1 group listed (1 APT, 0 other, 0 unknown)
|
Thailand Computer Emergency Response Team (ThaiCERT) Follow us on
|
Report incidents |
|
 |
+66 (0)2-123-1234 | |
 |
report@thaicert.or.th | |
 |
Download PGP key | |