Tool: ShadowPad Winnti| Names | ShadowPad Winnti POISONPLUG.SHADOW XShellGhost | |
| Category | Malware | |
| Type | Backdoor | |
| Description | (Kaspersky) ShadowPad: How Attackers hide Backdoor in Software used by Hundreds of Large Companies around the World. | |
| Information | <https://www.kaspersky.com/about/press-releases/2017_shadowpad-how-attackers-hide-backdoor-in-software-used-by-hundreds-of-large-companies-around-the-world> <https://securelist.com/shadowpad-in-corporate-networks/81432/> <https://cdn.securelist.com/files/2017/08/ShadowPad_technical_description_PDF.pdf> <https://st.drweb.com/static/new-www/news/2020/october/Study_of_the_ShadowPad_APT_backdoor_and_its_relation_to_PlugX_en.pdf> | |
| Malpedia | <https://malpedia.caad.fkie.fraunhofer.de/details/win.shadowpad> | |
Last change to this tool card: 07 January 2021
Download this tool card in JSON format
| Changed | Name | Country | Observed | ||
APT groups | |||||
| APT 41 |  | 2012-Aug 2020 |  | ||
1 group listed (1 APT, 0 other, 0 unknown)
|
Thailand Computer Emergency Response Team (ThaiCERT) Follow us on
|
Report incidents |
|
 |
+66 (0)2-123-1234 | |
 |
report@thaicert.or.th | |
 |
Download PGP key | |