Tool: Duqu| Names | Duqu Tilded | |
| Category | Malware | |
| Type | ICS malware, Backdoor, Keylogger, Info stealer, Wiper | |
| Description | (Wikipedia) Duqu is a collection of computer malware discovered on 1 September 2011, thought to be related to the Stuxnet worm and to have been created by Unit 8200. The Laboratory of Cryptography and System Security (CrySyS Lab) of the Budapest University of Technology and Economics in Hungary discovered the threat, analysed the malware, and wrote a 60-page report naming the threat Duqu. Duqu got its name from the prefix '~DQ' it gives to the names of files it creates. | |
| Information | <https://en.wikipedia.org/wiki/Duqu> <http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/w32_duqu_the_precursor_to_the_next_stuxnet.pdf> | |
| MITRE ATT&CK | <https://attack.mitre.org/software/S0038/> | |
| AlienVault OTX | <https://otx.alienvault.com/browse/pulses?q=tag:Duqu> | |
Last change to this tool card: 13 June 2020
Download this tool card in JSON format
| Changed | Name | Country | Observed | ||
APT groups | |||||
| Equation Group |  | 2001-Aug 2016 |  | ||
1 group listed (1 APT, 0 other, 0 unknown)
|
Thailand Computer Emergency Response Team (ThaiCERT) Follow us on
|
Report incidents |
|
 |
+66 (0)2-123-1234 | |
 |
report@thaicert.or.th | |
 |
Download PGP key | |