Tool: ShadowPad Winnti| Names | ShadowPad Winnti POISONPLUG.SHADOW XShellGhost | |
| Category | Malware | |
| Type | Backdoor | |
| Description | (Kaspersky) ShadowPad: How Attackers hide Backdoor in Software used by Hundreds of Large Companies around the World. | |
| Information | <https://www.kaspersky.com/about/press-releases/2017_shadowpad-how-attackers-hide-backdoor-in-software-used-by-hundreds-of-large-companies-around-the-world> <https://securelist.com/shadowpad-in-corporate-networks/81432/> <https://cdn.securelist.com/files/2017/08/ShadowPad_technical_description_PDF.pdf> <https://st.drweb.com/static/new-www/news/2020/october/Study_of_the_ShadowPad_APT_backdoor_and_its_relation_to_PlugX_en.pdf> | |
| Malpedia | <https://malpedia.caad.fkie.fraunhofer.de/details/win.shadowpad> | |
Last change to this tool card: 06 January 2021
Download this tool card in JSON format
| Changed | Name | Country | Observed | ||
APT groups | |||||
| APT 41 |  | 2012-Jul 2021  |  | ||
| Bronze Butler, Tick, RedBaldNight, Stalker Panda | | 2010-Apr 2021 | | ||
| Icefog, Dagger Panda | | 2011-2018/2019 | |||
| RedEcho | | 2020 | |||
| RedFoxtrot | | 2014 | |||
| TAG-22 | | 2021 | |||
| Tonto Team, HartBeat, Karma Panda | | 2009-Mar 2021 | |||
| Tropic Trooper, Pirate Panda, APT 23, KeyBoy | | 2011-Apr 2020 | |||
8 groups listed (8 APT, 0 other, 0 unknown)
|
Thailand Computer Emergency Response Team (ThaiCERT) Follow us on
|
Report incidents |
|
 |
+66 (0)2-123-1234 | |
 |
report@thaicert.or.th | |
 |
Download PGP key | |