Threat Group Cards: A Threat Actor Encyclopedia
Archived: 2026-04-05 16:46:07 UTC
Home > List all groups > List all tools > List all groups using tool XDOOR
 Tool: XDOOR
Names
XDOOR
X-Door
Category Malware
Type Reconnaissance, Backdoor, Keylogger, Info stealer, Downloader, Tunneling
Description
(FireEye) X-Door is a full-featured remote administration tool (RAT) with a configurable
deployment and plug-in architecture. It is freely downloadable through a Chinese website, and
the deployment interface and server use the Chinese language. X-Door contains functionality
for keylogging, audio and video capture, file transfers, acting as a proxy, retrieving system
information, providing a reverse command shell, injecting DLLs, and downloading and
launching commands.
Information <https://paper.bobylive.com/Security/APT_Report/APT-41.pdf>
Last change to this tool card: 20 April 2020
Download this tool card in JSON format
All groups using tool XDOOR
Changed Name Country Observed
APT groups
  APT 41 2012-Jul 2025
1 group listed (1 APT, 0 other, 0 unknown)
Source: https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=c28f3aa6-d75a-4674-9fe6-e0e61b544102
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=c28f3aa6-d75a-4674-9fe6-e0e61b544102
Page 1 of 1