ThaiCERT    ETDA    MDES
Report
Search
Home > List all groups > List all tools > List all groups using tool XDLoc

Threat Group Cards: A Threat Actor Encyclopedia

Permanent link Tool: XDLoc

NamesXDLoc
CategoryMalware
TypeReconnaissance
Description(ESET) XDLoc is a location discovery plug-in that retrieves a list of nearby Wi-Fi access points. It uses the WlanGetNetworkBssListWindows API function to retrieve the list of nearby BSSIDs and their signal strengths (RSSI). This information is then written in \wgl.dat. We believe that this information can be combined with databases of geolocation of known Wi-Fi access points in order to approximate the location of the victim’s device.
Information<https://vblocalhost.com/uploads/VB2020-Faou-Labelle.pdf>

Last change to this tool card: 18 October 2020

Download this tool card in JSON format

Previous: XDList
Next: XDMonitor

All groups using tool XDLoc

ChangedNameCountryObserved

APT groups

 XDSpy[Unknown]2011 

1 group listed (1 APT, 0 other, 0 unknown)

Thailand Computer Emergency Response Team (ThaiCERT)
Electronic Transactions Development Agency

Follow us on

Facebook Twitter

Report incidents

Telephone +66 (0)2-123-1234
E-mail report@thaicert.or.th
PGP Download PGP key