Report

Home > List all groups > List all tools > List all groups using tool ShadowHammer

Threat Group Cards: A Threat Actor Encyclopedia

Tool: ShadowHammer

Names	ShadowHammer DAYJOB
Category	Malware
Type	Backdoor
Description	(Kaspersky) A supply chain attack that leveraged ASUS Live Update software.
Information	<https://securelist.com/operation-shadowhammer/89992/> <https://skylightcyber.com/2019/03/28/unleash-the-hash-shadowhammer-mac-list/> <https://countercept.com/blog/analysis-shadowhammer-asus-attack-first-stage-payload/> <https://blog.reversinglabs.com/blog/forging-the-shadowhammer> <https://www.vkremez.com/2019/03/lets-learn-dissecting-operation.html>
Malpedia	<https://malpedia.caad.fkie.fraunhofer.de/details/win.shadowhammer>

Last change to this tool card: 14 May 2020

Download this tool card in JSON format

Previous: SessionGopher
Next: ShadowNet

All groups using tool ShadowHammer

Changed	Name	Country	Observed
APT groups
	APT 41		2012-Aug 2020

1 group listed (1 APT, 0 other, 0 unknown)

Thailand Computer Emergency Response Team (ThaiCERT) Electronic Transactions Development Agency Follow us on	Report incidents
		+66 (0)2-123-1234
		report@thaicert.or.th
		Download PGP key