{ "id": "3e04cbd8-d0e5-4cd5-96b7-366533905a56", "created_at": "2026-04-06T01:29:32.019579Z", "updated_at": "2026-04-10T13:13:06.393778Z", "deleted_at": null, "sha1_hash": "e6b180a253d80a7d600b79e3fbb188f548270640", "title": "GitHub - Hildaboo/Unidentified081Server: a basic server emulator for SHATTEREDGLASS ransomware attributed to Andariel.", "llm_title": "", "authors": "", "file_creation_date": "0001-01-01T00:00:00Z", "file_modification_date": "0001-01-01T00:00:00Z", "file_size": 70075, "plain_text": "GitHub - Hildaboo/Unidentified081Server: a basic server emulator\r\nfor SHATTEREDGLASS ransomware attributed to Andariel.\r\nBy Hildaboo\r\nArchived: 2026-04-06 01:00:05 UTC\r\nAI CODE CREATION\r\nGitHub CopilotWrite better code with AI\r\nGitHub SparkBuild and deploy intelligent apps\r\nGitHub ModelsManage and compare prompts\r\nMCP RegistryNewIntegrate external tools\r\nDEVELOPER WORKFLOWS\r\nActionsAutomate any workflow\r\nCodespacesInstant dev environments\r\nIssuesPlan and track work\r\nCode ReviewManage code changes\r\nAPPLICATION SECURITY\r\nGitHub Advanced SecurityFind and fix vulnerabilities\r\nCode securitySecure your code as you build\r\nSecret protectionStop leaks before they start\r\nEXPLORE\r\nWhy GitHub\r\nDocumentation\r\nBlog\r\nChangelog\r\nMarketplace\r\nView all features\r\nBY COMPANY SIZE\r\nhttps://github.com/Hildaboo/Unidentified081Server\r\nPage 1 of 3\n\nEnterprises\r\nSmall and medium teams\r\nStartups\r\nNonprofits\r\nBY USE CASE\r\nApp Modernization\r\nDevSecOps\r\nDevOps\r\nCI/CD\r\nView all use cases\r\nBY INDUSTRY\r\nHealthcare\r\nFinancial services\r\nManufacturing\r\nGovernment\r\nView all industries\r\nView all solutions\r\nEXPLORE BY TOPIC\r\nAI\r\nSoftware Development\r\nDevOps\r\nSecurity\r\nView all topics\r\nEXPLORE BY TYPE\r\nCustomer stories\r\nEvents \u0026 webinars\r\nEbooks \u0026 reports\r\nBusiness insights\r\nGitHub Skills\r\nSUPPORT \u0026 SERVICES\r\nDocumentation\r\nCustomer support\r\nCommunity forum\r\nTrust center\r\nPartners\r\nhttps://github.com/Hildaboo/Unidentified081Server\r\nPage 2 of 3\n\nView all resources\r\nCOMMUNITY\r\nGitHub SponsorsFund open source developers\r\nPROGRAMS\r\nSecurity Lab\r\nMaintainer Community\r\nAccelerator\r\nGitHub Stars\r\nArchive Program\r\nREPOSITORIES\r\nTopics\r\nTrending\r\nCollections\r\nENTERPRISE SOLUTIONS\r\nEnterprise platformAI-powered developer platform\r\nAVAILABLE ADD-ONS\r\nGitHub Advanced SecurityEnterprise-grade security features\r\nCopilot for BusinessEnterprise-grade AI features\r\nPremium SupportEnterprise-grade 24/7 support\r\nPricing\r\nSign in\r\nSign up\r\nSource: https://github.com/Hildaboo/Unidentified081Server\r\nhttps://github.com/Hildaboo/Unidentified081Server\r\nPage 3 of 3", "extraction_quality": 1, "language": "EN", "sources": [ "Malpedia" ], "origins": [ "web" ], "references": [ "https://github.com/Hildaboo/Unidentified081Server" ], "report_names": [ "Unidentified081Server" ], "threat_actors": [ { "id": "838f6ced-12a4-4893-991a-36d231d96efd", "created_at": "2022-10-25T15:50:23.347455Z", "updated_at": "2026-04-10T02:00:05.295717Z", "deleted_at": null, "main_name": "Andariel", "aliases": [ "Andariel", "Silent Chollima", "PLUTONIUM", "Onyx Sleet" ], "source_name": "MITRE:Andariel", "tools": [ "Rifdoor", "gh0st RAT" ], "source_id": "MITRE", "reports": null }, { "id": "110e7160-a8cc-4a66-8550-f19f7d418117", "created_at": "2023-01-06T13:46:38.427592Z", "updated_at": "2026-04-10T02:00:02.969896Z", "deleted_at": null, "main_name": "Silent Chollima", "aliases": [ "Onyx Sleet", "PLUTONIUM", "OperationTroy", "Guardian of Peace", "GOP", "WHOis Team", "Andariel", "Subgroup: Andariel" ], "source_name": "MISPGALAXY:Silent Chollima", "tools": [], "source_id": "MISPGALAXY", "reports": null }, { "id": "bc6e3644-3249-44f3-a277-354b7966dd1b", "created_at": "2022-10-25T16:07:23.760559Z", "updated_at": "2026-04-10T02:00:04.741239Z", "deleted_at": null, "main_name": "Andariel", "aliases": [ "APT 45", "Andariel", "G0138", "Jumpy Pisces", "Onyx Sleet", "Operation BLACKMINE", "Operation BLACKSHEEP/Phase 3.", "Operation Blacksmith", "Operation DESERTWOLF/Phase 3", "Operation GHOSTRAT", "Operation GoldenAxe", "Operation INITROY/Phase 1", "Operation INITROY/Phase 2", "Operation Mayday", "Operation VANXATM", "Operation XEDA", "Plutonium", "Silent Chollima", "Stonefly" ], "source_name": "ETDA:Andariel", "tools": [], "source_id": "ETDA", "reports": null }, { "id": "a2b92056-9378-4749-926b-7e10c4500dac", "created_at": "2023-01-06T13:46:38.430595Z", "updated_at": "2026-04-10T02:00:02.971571Z", "deleted_at": null, "main_name": "Lazarus Group", "aliases": [ "Operation DarkSeoul", "Bureau 121", "Group 77", "APT38", "NICKEL GLADSTONE", "G0082", "COPERNICIUM", "Moonstone Sleet", "Operation GhostSecret", "APT 38", "Appleworm", "Unit 121", "ATK3", "G0032", "ATK117", "NewRomanic Cyber Army Team", "Nickel Academy", "Sapphire Sleet", "Lazarus group", "Hastati Group", "Subgroup: Bluenoroff", "Operation Troy", "Black Artemis", "Dark Seoul", "Andariel", "Labyrinth Chollima", "Operation AppleJeus", "COVELLITE", "Citrine Sleet", "DEV-0139", "DEV-1222", "Hidden Cobra", "Bluenoroff", "Stardust Chollima", "Whois Hacking Team", "Diamond Sleet", "TA404", "BeagleBoyz", "APT-C-26" ], "source_name": "MISPGALAXY:Lazarus Group", "tools": [], "source_id": "MISPGALAXY", "reports": null }, { "id": "771d9263-076e-4b6e-bd58-92b6555eb739", "created_at": "2025-08-07T02:03:25.092436Z", "updated_at": "2026-04-10T02:00:03.758541Z", "deleted_at": null, "main_name": "NICKEL HYATT", "aliases": [ "APT45 ", "Andariel", "Dark Seoul", "Jumpy Pisces ", "Onyx Sleet ", "RIFLE Campaign", "Silent Chollima ", "Stonefly ", "UN614 " ], "source_name": "Secureworks:NICKEL HYATT", "tools": [ "ActiveX 0-day", "DTrack", "HazyLoad", "HotCriossant", "Rifle", "UnitBot", "Valefor" ], "source_id": "Secureworks", "reports": null } ], "ts_created_at": 1775438972, "ts_updated_at": 1775826786, "ts_creation_date": 0, "ts_modification_date": 0, "files": { "pdf": "https://archive.orkl.eu/e6b180a253d80a7d600b79e3fbb188f548270640.pdf", "text": "https://archive.orkl.eu/e6b180a253d80a7d600b79e3fbb188f548270640.txt", "img": "https://archive.orkl.eu/e6b180a253d80a7d600b79e3fbb188f548270640.jpg" } }