{ "id": "c30c4620-015e-447d-b853-fbf545eb4282", "created_at": "2026-04-06T00:12:59.041538Z", "updated_at": "2026-04-10T03:33:45.943017Z", "deleted_at": null, "sha1_hash": "7e9929588c3d98ab8c8e98e72ecbd58dceed9116", "title": "Blog | Arctic Wolf", "llm_title": "", "authors": "", "file_creation_date": "0001-01-01T00:00:00Z", "file_modification_date": "0001-01-01T00:00:00Z", "file_size": 2705516, "plain_text": "Blog | Arctic Wolf\r\nPublished: 2026-04-02 · Archived: 2026-04-05 13:03:15 UTC\r\nARCTIC WOLF BLOG\r\nAt RSAC 2026, Arctic Wolf set the agenda for the future of cybersecurity and AI. Throughout the week, we were\r\nat the center of the industry dialogue, shaping how the market is approaching agentic AI in cybersecurity and\r\nsetting clear...\r\nREAD MORE  →\r\nhttps://threatvector.cylance.com/en_us/home/threat-spotlight-menupass-quasarrat-backdoor.html\r\nPage 1 of 16\n\nApril 2, 2026\r\nApril 2, 2026\r\nhttps://threatvector.cylance.com/en_us/home/threat-spotlight-menupass-quasarrat-backdoor.html\r\nPage 2 of 16\n\nApril 2, 2026\r\nApril 1, 2026\r\nhttps://threatvector.cylance.com/en_us/home/threat-spotlight-menupass-quasarrat-backdoor.html\r\nPage 3 of 16\n\nMarch 31, 2026\r\nMarch 31, 2026\r\nhttps://threatvector.cylance.com/en_us/home/threat-spotlight-menupass-quasarrat-backdoor.html\r\nPage 4 of 16\n\nMarch 27, 2026\r\nMarch 26, 2026\r\nhttps://threatvector.cylance.com/en_us/home/threat-spotlight-menupass-quasarrat-backdoor.html\r\nPage 5 of 16\n\nMarch 25, 2026\r\nMarch 25, 2026\r\nhttps://threatvector.cylance.com/en_us/home/threat-spotlight-menupass-quasarrat-backdoor.html\r\nPage 6 of 16\n\nMarch 24, 2026\r\nMarch 24, 2026\r\nhttps://threatvector.cylance.com/en_us/home/threat-spotlight-menupass-quasarrat-backdoor.html\r\nPage 7 of 16\n\nMarch 23, 2026\r\nMarch 23, 2026\r\nhttps://threatvector.cylance.com/en_us/home/threat-spotlight-menupass-quasarrat-backdoor.html\r\nPage 8 of 16\n\nMarch 23, 2026\r\nMarch 23, 2026\r\nhttps://threatvector.cylance.com/en_us/home/threat-spotlight-menupass-quasarrat-backdoor.html\r\nPage 9 of 16\n\nMarch 19, 2026\r\nMarch 18, 2026\r\nhttps://threatvector.cylance.com/en_us/home/threat-spotlight-menupass-quasarrat-backdoor.html\r\nPage 10 of 16\n\nMarch 17, 2026\r\nMarch 13, 2026\r\nhttps://threatvector.cylance.com/en_us/home/threat-spotlight-menupass-quasarrat-backdoor.html\r\nPage 11 of 16\n\nMarch 13, 2026\r\nMarch 13, 2026\r\nhttps://threatvector.cylance.com/en_us/home/threat-spotlight-menupass-quasarrat-backdoor.html\r\nPage 12 of 16\n\nMarch 12, 2026\r\nMarch 11, 2026\r\nhttps://threatvector.cylance.com/en_us/home/threat-spotlight-menupass-quasarrat-backdoor.html\r\nPage 13 of 16\n\nMarch 6, 2026\r\nMarch 6, 2026\r\nhttps://threatvector.cylance.com/en_us/home/threat-spotlight-menupass-quasarrat-backdoor.html\r\nPage 14 of 16\n\nMarch 2, 2026\r\nMarch 2, 2026\r\nhttps://threatvector.cylance.com/en_us/home/threat-spotlight-menupass-quasarrat-backdoor.html\r\nPage 15 of 16\n\nMarch 2, 2026\r\nFebruary 28, 2026\r\n⟵ Page1 Page2 Page3 … Page35 ⟶\r\nSource: https://threatvector.cylance.com/en_us/home/threat-spotlight-menupass-quasarrat-backdoor.html\r\nhttps://threatvector.cylance.com/en_us/home/threat-spotlight-menupass-quasarrat-backdoor.html\r\nPage 16 of 16", "extraction_quality": 1, "language": "EN", "sources": [ "Malpedia", "ETDA" ], "references": [ "https://threatvector.cylance.com/en_us/home/threat-spotlight-menupass-quasarrat-backdoor.html" ], "report_names": [ "threat-spotlight-menupass-quasarrat-backdoor.html" ], "threat_actors": [ { "id": "ba9fa308-a29a-4928-9c06-73aafec7624c", "created_at": "2024-05-01T02:03:07.981061Z", "updated_at": "2026-04-10T02:00:03.750803Z", "deleted_at": null, "main_name": "BRONZE RIVERSIDE", "aliases": [ "APT10 ", "CTG-5938 ", "CVNX ", "Hogfish ", "MenuPass ", "MirrorFace ", "POTASSIUM ", "Purple Typhoon ", "Red Apollo ", "Stone Panda " ], "source_name": "Secureworks:BRONZE RIVERSIDE", "tools": [ "ANEL", "AsyncRAT", "ChChes", "Cobalt Strike", "HiddenFace", "LODEINFO", "PlugX", "PoisonIvy", "QuasarRAT", "QuasarRAT Loader", "RedLeaves" ], "source_id": "Secureworks", "reports": null }, { "id": "04b07437-41bb-4126-bcbb-def16f19d7c6", "created_at": "2022-10-25T16:07:24.232628Z", "updated_at": "2026-04-10T02:00:04.906097Z", "deleted_at": null, "main_name": "Stone Panda", "aliases": [ "APT 10", "ATK 41", "Bronze Riverside", "CTG-5938", "CVNX", "Cuckoo Spear", "Earth Kasha", "G0045", "G0093", "Granite Taurus", "Happyyongzi", "Hogfish", "ITG01", "Operation A41APT", "Operation Cache Panda", "Operation ChessMaster", "Operation Cloud Hopper", "Operation Cuckoo Spear", "Operation New Battle", "Operation Soft Cell", "Operation TradeSecret", "Potassium", "Purple Typhoon", "Red Apollo", "Stone Panda", "TA429", "menuPass", "menuPass Team" ], "source_name": "ETDA:Stone Panda", "tools": [ "Agent.dhwf", "Agentemis", "Anel", "AngryRebel", "BKDR_EVILOGE", "BKDR_HGDER", "BKDR_NVICM", "BUGJUICE", "CHINACHOPPER", "ChChes", "China Chopper", "Chymine", "CinaRAT", "Cobalt Strike", "CobaltStrike", "DARKTOWN", "DESLoader", "DILLJUICE", "DILLWEED", "Darkmoon", "DelfsCake", "Derusbi", "Destroy RAT", "DestroyRAT", "Ecipekac", "Emdivi", "EvilGrab", "EvilGrab RAT", "FYAnti", "Farfli", "Gen:Trojan.Heur.PT", "Gh0st RAT", "Ghost RAT", "GreetCake", "HAYMAKER", "HEAVYHAND", "HEAVYPOT", "HTran", "HUC Packet Transmit Tool", "Ham Backdoor", "HiddenFace", "Impacket", "Invoke the Hash", "KABOB", "Kaba", "Korplug", "LODEINFO", "LOLBAS", "LOLBins", "Living off the Land", "MiS-Type", "Mimikatz", "Moudour", "Mydoor", "NBTscan", "NOOPDOOR", "Newsripper", "P8RAT", "PCRat", "PlugX", "Poison Ivy", "Poldat", "PowerSploit", "PowerView", "PsExec", "PsList", "Quarks PwDump", "Quasar RAT", "QuasarRAT", "RedDelta", "RedLeaves", "Rubeus", "SNUGRIDE", "SPIVY", "SharpSploit", "SigLoader", "SinoChopper", "SodaMaster", "Sogu", "TIGERPLUG", "TVT", "Thoper", "Trochilus RAT", "UpperCut", "Vidgrab", "WinRAR", "WmiExec", "Wmonder", "Xamtrav", "Yggdrasil", "Zlib", "certutil", "certutil.exe", "cobeacon", "dfls", "lena", "nbtscan", "pivy", "poisonivy", "pwdump" ], "source_id": "ETDA", "reports": null }, { "id": "ba3fff0c-3ba0-4855-9eeb-1af9ee18136a", "created_at": "2022-10-25T15:50:23.298889Z", "updated_at": "2026-04-10T02:00:05.316886Z", "deleted_at": null, "main_name": "menuPass", "aliases": [ "menuPass", "POTASSIUM", "Stone Panda", "APT10", "Red Apollo", "CVNX", "HOGFISH", "BRONZE RIVERSIDE" ], "source_name": "MITRE:menuPass", "tools": [ "certutil", "FYAnti", "UPPERCUT", "SNUGRIDE", "P8RAT", "RedLeaves", "SodaMaster", "pwdump", "Mimikatz", "PlugX", "PowerSploit", "ChChes", "cmd", "QuasarRAT", "AdFind", "Cobalt Strike", "PoisonIvy", "EvilGrab", "esentutl", "Impacket", "Ecipekac", "PsExec", "HUI Loader" ], "source_id": "MITRE", "reports": null } ], "ts_created_at": 1775434379, "ts_updated_at": 1775792025, "ts_creation_date": 0, "ts_modification_date": 0, "files": { "pdf": "https://archive.orkl.eu/7e9929588c3d98ab8c8e98e72ecbd58dceed9116.pdf", "text": "https://archive.orkl.eu/7e9929588c3d98ab8c8e98e72ecbd58dceed9116.txt", "img": "https://archive.orkl.eu/7e9929588c3d98ab8c8e98e72ecbd58dceed9116.jpg" } }