DownEx (Malware Family)

SYMBOL	COMMON_NAME	aka. SYNONYMS

win.downex (Back to overview)

DownEx

Actor(s): UAC-0063

According to Bitdefender, this is an exfiltration tool, scanning local and network drives for sensitive files, like documents, archives, certificates, and cryptographic keys.

References

2023-05-10 ⋅ Bitdefender ⋅ Martin Zugec
Deep Dive Into DownEx Espionage Operation in Central Asia
DownEx

There is no Yara-Signature yet.

DownEx Propose Change

References

DownEx