Threat Group Cards: A Threat Actor Encyclopedia
Archived: 2026-04-05 13:10:12 UTC
Home > List all groups > List all tools > List all groups using tool WSCSPL
 Tool: WSCSPL
Names WSCSPL
Category Malware
Type Backdoor, Info stealer
Description
(Qihoo 360) A decoy document captured by QiAnXin Threat Intelligence Center is called 'SOP
for Retrieval of Mobile Data Records. Inp' (SOP for Mobile Data Records Retrieval). Cve-2017-12824 vulnerability utilization document will eventually download and execute a full-featured back door program named WSCSPL.
Information
Malpedia Last change to this tool card: 23 April 2020
Download this tool card in JSON format
All groups using tool WSCSPL
Changed Name Country Observed
APT groups
 Operation HangOver, Monsoon, Viceroy Tiger 2010-Jan 2020
 Patchwork, Dropping Elephant 2013-Jun 2025
2 groups listed (2 APT, 0 other, 0 unknown)
Source: https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=6d5bde93-d594-44a2-9ecf-984535c01184
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=6d5bde93-d594-44a2-9ecf-984535c01184
Page 1 of 1