Threat Group Cards: A Threat Actor Encyclopedia
Archived: 2026-04-05 14:54:19 UTC
Home > List all groups > List all tools > List all groups using tool VeilShell
 Tool: VeilShell
Names VeilShell
Category Malware
Type Backdoor
Description
(Securonix) Executed by the Javascript eval() function is a single large PowerShell one-liner.
The script serves as a backdoor/RAT (Remote Access Trojan), allowing an attacker to control
the victim’s system remotely.
Information
Last change to this tool card: 24 October 2024
Download this tool card in JSON format
All groups using tool VeilShell
Changed Name Country Observed
APT groups
 Reaper, APT 37, Ricochet Chollima, ScarCruft 2012-Mar 2025
1 group listed (1 APT, 0 other, 0 unknown)
Source: https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=4d007aba-c7b0-46ef-b37d-455741544219
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=4d007aba-c7b0-46ef-b37d-455741544219
Page 1 of 1