SYMBOLCOMMON_NAMEaka. SYNONYMS

Unit 8200  (Back to overview)

aka: Duqu Group


Associated Families
win.duqu

References
2022-05-09cocomelonccocomelonc
@online{cocomelonc:20220509:malware:1cdee23, author = {cocomelonc}, title = {{Malware development: persistence - part 4. Windows services. Simple C++ example.}}, date = {2022-05-09}, organization = {cocomelonc}, url = {https://cocomelonc.github.io/tutorial/2022/05/09/malware-pers-4.html}, language = {English}, urldate = {2022-12-01} } Malware development: persistence - part 4. Windows services. Simple C++ example.
Anchor AppleJeus Attor BBSRAT BlackEnergy Carbanak Cobalt Strike DuQu
2019Council on Foreign RelationsCyber Operations Tracker
@online{tracker:2019:duqu:bc51352, author = {Cyber Operations Tracker}, title = {{Duqu}}, date = {2019}, organization = {Council on Foreign Relations}, url = {https://www.cfr.org/interactive/cyber-operations/duqu}, language = {English}, urldate = {2019-12-20} } Duqu
Unit 8200
2019Council on Foreign RelationsCyber Operations Tracker
@online{tracker:2019:duqu:19e8eeb, author = {Cyber Operations Tracker}, title = {{Duqu 2.0}}, date = {2019}, organization = {Council on Foreign Relations}, url = {https://www.cfr.org/interactive/cyber-operations/duqu-20}, language = {English}, urldate = {2019-12-20} } Duqu 2.0
Unit 8200
2018-03CrySyS LabBoldizsar Bencsath
@techreport{bencsath:201803:territorial:04343bb, author = {Boldizsar Bencsath}, title = {{Territorial Dispute – NSA’s perspective on APT landscape}}, date = {2018-03}, institution = {CrySyS Lab}, url = {https://www.crysys.hu/publications/files/tedi/ukatemicrysys_territorialdispute.pdf}, language = {English}, urldate = {2020-05-07} } Territorial Dispute – NSA’s perspective on APT landscape
9002 RAT Agent.BTZ DuQu EYService Flame FlowerShop Stuxnet Uroburos
2016-09-07Virus BulletinBrian Bartholomew, Juan Andrés Guerrero-Saade
@techreport{bartholomew:20160907:wave:96e9f50, author = {Brian Bartholomew and Juan Andrés Guerrero-Saade}, title = {{Wave Your False Flags! Deception Tactics Muddying Attribution in Targeted Attacks}}, date = {2016-09-07}, institution = {Virus Bulletin}, url = {https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2017/10/20114955/Bartholomew-GuerreroSaade-VB2016.pdf}, language = {English}, urldate = {2020-03-13} } Wave Your False Flags! Deception Tactics Muddying Attribution in Targeted Attacks
DuQu JripBot Sinowal Stuxnet Wipbot
2015-09-12Archive-orgEmma Best
@online{best:20150912:stuxnet:c9b43da, author = {Emma Best}, title = {{Stuxnet code}}, date = {2015-09-12}, organization = {Archive-org}, url = {https://archive.org/details/Stuxnet}, language = {English}, urldate = {2020-01-09} } Stuxnet code
Unit 8200
2015-06-10Kaspersky LabsGReAT
@online{great:20150610:mystery:c1ef5c2, author = {GReAT}, title = {{The Mystery of Duqu 2.0: a sophisticated cyberespionage actor returns}}, date = {2015-06-10}, organization = {Kaspersky Labs}, url = {https://securelist.com/blog/research/70504/the-mystery-of-duqu-2-0-a-sophisticated-cyberespionage-actor-returns/}, language = {English}, urldate = {2020-03-09} } The Mystery of Duqu 2.0: a sophisticated cyberespionage actor returns
DuQu Unit 8200
2011-11-23SymantecSymantec
@online{symantec:20111123:w32duqu:05cefba, author = {Symantec}, title = {{W32.Duqu: The precursor to the next Stuxnet}}, date = {2011-11-23}, organization = {Symantec}, url = {https://docs.broadcom.com/doc/w32-duqu-11-en}, language = {English}, urldate = {2021-07-26} } W32.Duqu: The precursor to the next Stuxnet
DuQu

Credits: MISP Project