Threat Group Cards: A Threat Actor Encyclopedia
Archived: 2026-04-06 03:31:24 UTC
Home > List all groups > List all tools > List all groups using tool SamSam
 Tool: SamSam
Names
SamSam
Samas
Category Malware
Type Ransomware, Big Game Hunting
Description
(US-CERT) After gaining access to a particular network, the SamSam actors escalate
privileges for administrator rights, drop malware onto the server, and run an executable
file, all without victims’ action or authorization. While many ransomware campaigns
rely on a victim completing an action, such as opening an email or visiting a
compromised website, RDP allows cyber actors to infect victims with minimal
detection.
Information
MITRE ATT&CK Malpedia AlienVault OTX Last change to this tool card: 13 July 2020
Download this tool card in JSON format
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=bd75f106-8065-4882-b343-73e924e16c99
Page 1 of 2

All groups using tool SamSam
Changed Name Country Observed
APT groups
  Boss Spider, Gold Lowell 2015-Nov 2018
1 group listed (1 APT, 0 other, 0 unknown)
Source: https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=bd75f106-8065-4882-b343-73e924e16c99
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=bd75f106-8065-4882-b343-73e924e16c99
Page 2 of 2