Threat Group Cards: A Threat Actor Encyclopedia
Archived: 2026-04-05 19:25:48 UTC
Home > List all groups > List all tools > List all groups using tool NukeSped
 Tool: NukeSped
Names NukeSped
Category Malware
Type Reconnaissance, Backdoor, Info stealer, Downloader
Description
(Fortinet) We have reverse-engineered the logic of the RAT and found many classical
RAT features:
• Iterate files in a folder
• Create a process as another user
• Iterate processes and modules
• Terminate a process
• Create a process
• Write a file
• Read a file
• Connect to a remote host
• Move a file
• Retrieve and launch additional payloads from the internet
• Get information about installed disks, including the disk type and the amount of free
space on the disk
• Get the current directory
• Change to a different directory
• Remove itself and artifacts associated with it from the infected system
Information <https://www.fortinet.com/blog/threat-research/deep-analysis-nukesped-rat.html>
AlienVault OTX <https://otx.alienvault.com/browse/pulses?q=tag:nukesped>
Last change to this tool card: 20 April 2020
Download this tool card in JSON format
All groups using tool NukeSped
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=c3cd0b9b-69d9-4e2d-9e56-b856dd8b48a9
Page 1 of 2

Changed Name Country Observed
APT groups
  Lazarus Group, Hidden Cobra, Labyrinth Chollima 2007-May 2025
1 group listed (1 APT, 0 other, 0 unknown)
Source: https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=c3cd0b9b-69d9-4e2d-9e56-b856dd8b48a9
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=c3cd0b9b-69d9-4e2d-9e56-b856dd8b48a9
Page 2 of 2