Threat Group Cards: A Threat Actor Encyclopedia
Archived: 2026-04-02 10:37:14 UTC
 Tool: POWERSTATS
Names
POWERSTATS
Valyria
Category Malware
Type Backdoor
Description
(Palo Alto) MuddyWater attacks are characterized by the use of a slowly evolving
PowerShell-based first stage backdoor we call “POWERSTATS”.
Information
MITRE ATT&CK Malpedia AlienVault OTX Last change to this tool card: 29 December 2022
Download this tool card in JSON format
All groups using tool POWERSTATS
Changed Name Country Observed
APT groups
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=2bde4b8c-ab64-4510-a248-d7eabe428a8a
Page 1 of 2

MuddyWater, Seedworm, TEMP.Zagros, Static Kitten 2017-Jul 2025
1 group listed (1 APT, 0 other, 0 unknown)
↑
Source: https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=2bde4b8c-ab64-4510-a248-d7eabe428a8a
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=2bde4b8c-ab64-4510-a248-d7eabe428a8a
Page 2 of 2