Threat Group Cards: A Threat Actor Encyclopedia
Archived: 2026-04-05 20:27:56 UTC
Home > List all groups > List all tools > List all groups using tool QUEUESEED
 Tool: QUEUESEED
Names
QUEUESEED
IcyWell
Kapeka
Category Malware
Type Backdoor
Description
(BleepingComputer) C++ backdoor for Windows that collects basic system information and
executes commands from a remote server. It handles file operations, command execution, and
configuration updates and can delete itself. Communications are secured via HTTPS, and data
is encrypted using RSA and AES. It stores its data and maintains persistence on infected
systems by encrypting its configuration in the Windows registry and setting up tasks or
registry entries for automatic execution.
Information
Last change to this tool card: 23 April 2024
Download this tool card in JSON format
All groups using tool QUEUESEED
Changed Name Country Observed
APT groups
 Sandworm Team, Iron Viking, Voodoo Bear 2009-Dec 2024
1 group listed (1 APT, 0 other, 0 unknown)
Source: https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=4365d4bb-3b6d-4278-bfa9-3e8962ee0a71
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=4365d4bb-3b6d-4278-bfa9-3e8962ee0a71
Page 1 of 1