Threat Group Cards: A Threat Actor Encyclopedia
Archived: 2026-04-05 19:55:45 UTC
Home > List all groups > List all tools > List all groups using tool WIDETONE
 Tool: WIDETONE
Names WIDETONE
Category Malware
Type Reconnaissance, Credential stealer
Description
(FireEye) WIDETONE is a command-line tool that can perform network-based reconnaissance
tasks, including port scans, service banner scans, and pingscans. WIDETONE can brute-force
credentials for SQL servers and Inter-Process Communication (IPC) shares. WIDETONE can
also query Windows host information and perform dictionary and brute-force attacks.
Information <https://paper.bobylive.com/Security/APT_Report/APT-41.pdf>
Last change to this tool card: 20 April 2020
Download this tool card in JSON format
All groups using tool WIDETONE
Changed Name Country Observed
APT groups
  APT 41 2012-Jul 2025
1 group listed (1 APT, 0 other, 0 unknown)
Source: https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=c2e9f5f7-b594-4f65-ae91-ce324e795149
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=c2e9f5f7-b594-4f65-ae91-ce324e795149
Page 1 of 1