ThaiCERT    ETDA    MDES

Threat Group Cards: A Threat Actor Encyclopedia

Tool: Duqu

Names: Duqu, Tilded
Category: Malware
Type: ICS malware, Backdoor, Keylogger, Info stealer, Wiper
Description: (Wikipedia) Duqu is a collection of computer malware discovered on 1 September 2011, thought to be related to the Stuxnet worm and to have been created by Unit 8200. The Laboratory of Cryptography and System Security (CrySyS Lab) of the Budapest University of Technology and Economics in Hungary discovered the threat, analysed the malware, and wrote a 60-page report naming the threat Duqu. Duqu got its name from the prefix '~DQ' it gives to the names of files it creates.
Information:
<https://en.wikipedia.org/wiki/Duqu>
<http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/w32_duqu_the_precursor_to_the_next_stuxnet.pdf>
<https://www.crysys.hu/publications/files/tedi/ukatemicrysys_territorialdispute.pdf>
<https://securelist.com/blog/research/70504/the-mystery-of-duqu-2-0-a-sophisticated-cyberespionage-actor-returns>
<https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2017/10/20114955/Bartholomew-GuerreroSaade-VB2016.pdf>
MITRE ATT&CK: <https://attack.mitre.org/software/S0038/>
Malpedia: <https://malpedia.caad.fkie.fraunhofer.de/details/win.duqu>
AlienVault OTX: <https://otx.alienvault.com/browse/pulses?q=tag:Duqu>

Last change to this tool card: 23 April 2021

All groups using tool Duqu

APT groups

Changed | Name | Country | Observed
 | Equation Group | USA | 2001-Aug 2016 X

1 group listed (1 APT, 0 other, 0 unknown)

Thailand Computer Emergency Response Team (ThaiCERT)
Electronic Transactions Development Agency
