KopiLuwak (Malware Family)

SYMBOL	COMMON_NAME	aka. SYNONYMS

js.kopiluwak (Back to overview)

KopiLuwak

Actor(s): Turla

There is no description at this point.

References

2023-04-24 ⋅ Kaspersky Labs ⋅ Ivan Kwiatkowski, Pierre Delcher
Tomiris called, they want their Turla malware back
KopiLuwak Andromeda Ave Maria GoldMax JLORAT Kazuar Meterpreter QUIETCANARY RATel Roopy Telemiris tomiris Topinambour Storm-0473

2023-01-05 ⋅ Mandiant ⋅ Eduardo Mattos, Gabby Roncone, John Wolfram, Sarah Hawley, Tyler McLellan
Turla: A Galaxy of Opportunity
KopiLuwak Andromeda QUIETCANARY

2020-02-13 ⋅ Qianxin ⋅ Qi Anxin Threat Intelligence Center
APT Report 2019
Chrysaor Exodus Dacls VPNFilter DNSRat Griffon KopiLuwak More_eggs SQLRat AppleJeus BONDUPDATER Agent.BTZ Anchor AndroMut AppleJeus BOOSTWRITE Brambul Carbanak Cobalt Strike Dacls DistTrack DNSpionage Dtrack ELECTRICFISH FlawedAmmyy FlawedGrace Get2 Grateful POS HOPLIGHT Imminent Monitor RAT jason Joanap KerrDown KEYMARBLE Lambert LightNeuron LoJax MiniDuke PolyglotDuke PowerRatankba Rising Sun SDBbot ServHelper Snatch Stuxnet TinyMet tRat TrickBot Volgmer X-Agent Zebrocy

2018-10-04 ⋅ Kaspersky Labs ⋅ GReAT
Shedding Skin – Turla’s Fresh Faces
KopiLuwak Agent.BTZ Cobra Carbon System Gazer Meterpreter Mosquito Skipper

2017-10-05 ⋅ Angel Alonso-Parrizas
Analysis of a malicious DOC used by Turla APT group; hunting persistence via PowerShell
KopiLuwak

2017-08-17 ⋅ Proofpoint ⋅ Darien Huss
Turla APT actor refreshes KopiLuwak JavaScript backdoor for use in G20-themed attack
KopiLuwak

2017-02-02 ⋅ Kaspersky Labs ⋅ Brian Bartholomew
KopiLuwak: A New JavaScript Payload from Turla
KopiLuwak

2015-01-01 ⋅ Bitdefender ⋅ Andrei Ardelean, Claudiu Cobliș, Cristian Istrate, Marius Tivadar
New Pacifier APT Components Point to Russian-Linked Turla Group
KopiLuwak Gazer Skipper

There is no Yara-Signature yet.