{ "id": "f99c4ccc-49cf-4f33-862a-677f2417a898", "created_at": "2026-04-06T00:12:10.737413Z", "updated_at": "2026-04-10T03:30:30.99252Z", "deleted_at": null, "sha1_hash": "ecf72fd4ad1869aa0d9a029a132afa38dae952af", "title": "Automated Malware Analysis | Malware Analysis Tool", "llm_title": "", "authors": "", "file_creation_date": "0001-01-01T00:00:00Z", "file_modification_date": "0001-01-01T00:00:00Z", "file_size": 553408, "plain_text": "Automated Malware Analysis | Malware Analysis Tool\r\nArchived: 2026-04-05 15:24:34 UTC\r\nLeverage Leading Malware Analysis Tools\r\nUsing malware analysis tools is vital for identifying indicators and gaining context on threats. Automate file\r\nsample submissions for analysis and report output ingestion and processing.\r\nRespond Faster to Attacks\r\nUse intel from malware analyses to speed analysis, threat detection and blocking, and incident response activities.\r\nhttps://threatconnect.com/blog/threatconnect-research-roundup-probable-sandworm-infrastructure\r\nPage 1 of 2\n\nAutomate Malware Search and Discovery\r\nLeverage playbook automation and intel from malware analyses to determine the scope of an attack and speed\r\nresponse activities.\r\nSource: https://threatconnect.com/blog/threatconnect-research-roundup-probable-sandworm-infrastructure\r\nhttps://threatconnect.com/blog/threatconnect-research-roundup-probable-sandworm-infrastructure\r\nPage 2 of 2", "extraction_quality": 1, "language": "EN", "sources": [ "Malpedia" ], "references": [ "https://threatconnect.com/blog/threatconnect-research-roundup-probable-sandworm-infrastructure" ], "report_names": [ "threatconnect-research-roundup-probable-sandworm-infrastructure" ], "threat_actors": [ { "id": "8941e146-3e7f-4b4e-9b66-c2da052ee6df", "created_at": "2023-01-06T13:46:38.402513Z", "updated_at": "2026-04-10T02:00:02.959797Z", "deleted_at": null, "main_name": "Sandworm", "aliases": [ "IRIDIUM", "Blue Echidna", "VOODOO BEAR", "FROZENBARENTS", "UAC-0113", "Seashell Blizzard", "UAC-0082", "APT44", "Quedagh", "TEMP.Noble", "IRON VIKING", "G0034", "ELECTRUM", "TeleBots" ], "source_name": "MISPGALAXY:Sandworm", "tools": [], "source_id": "MISPGALAXY", "reports": null }, { "id": "7bd810cb-d674-4763-86eb-2cc182d24ea0", "created_at": "2022-10-25T16:07:24.1537Z", "updated_at": "2026-04-10T02:00:04.883793Z", "deleted_at": null, "main_name": "Sandworm Team", "aliases": [ "APT 44", "ATK 14", "BE2", "Blue Echidna", "CTG-7263", "FROZENBARENTS", "G0034", "Grey Tornado", "IRIDIUM", "Iron Viking", "Quedagh", "Razing Ursa", "Sandworm", "Sandworm Team", "Seashell Blizzard", "TEMP.Noble", "UAC-0082", "UAC-0113", "UAC-0125", "UAC-0133", "Voodoo Bear" ], "source_name": "ETDA:Sandworm Team", "tools": [ "AWFULSHRED", "ArguePatch", "BIASBOAT", "Black Energy", "BlackEnergy", "CaddyWiper", "Colibri Loader", "Cyclops Blink", "CyclopsBlink", "DCRat", "DarkCrystal RAT", "Fobushell", "GOSSIPFLOW", "Gcat", "IcyWell", "Industroyer2", "JaguarBlade", "JuicyPotato", "Kapeka", "KillDisk.NCX", "LOADGRIP", "LOLBAS", "LOLBins", "Living off the Land", "ORCSHRED", "P.A.S.", "PassKillDisk", "Pitvotnacci", "PsList", "QUEUESEED", "RansomBoggs", "RottenPotato", "SOLOSHRED", "SwiftSlicer", "VPNFilter", "Warzone", "Warzone RAT", "Weevly" ], "source_id": "ETDA", "reports": null } ], "ts_created_at": 1775434330, "ts_updated_at": 1775791830, "ts_creation_date": 0, "ts_modification_date": 0, "files": { "pdf": "https://archive.orkl.eu/ecf72fd4ad1869aa0d9a029a132afa38dae952af.pdf", "text": "https://archive.orkl.eu/ecf72fd4ad1869aa0d9a029a132afa38dae952af.txt", "img": "https://archive.orkl.eu/ecf72fd4ad1869aa0d9a029a132afa38dae952af.jpg" } }