SYMBOLCOMMON_NAMEaka. SYNONYMS
win.lojax (Back to overview)

LoJax

Actor(s): Sofacy


There is no description at this point.

References
2020-02-13QianxinQi Anxin Threat Intelligence Center
@techreport{center:20200213:report:146d333, author = {Qi Anxin Threat Intelligence Center}, title = {{APT Report 2019}}, date = {2020-02-13}, institution = {Qianxin}, url = {https://ti.qianxin.com/uploads/2020/02/13/cb78386a082f465f259b37dae5df4884.pdf}, language = {English}, urldate = {2020-02-27} } APT Report 2019
Chrysaor Exodus Dacls elf.vpnfilter DNSRat Griffon KopiLuwak More_eggs SQLRat AppleJeus BONDUPDATER Agent.BTZ Anchor AndroMut AppleJeus BOOSTWRITE Brambul Carbanak Cobalt Strike Dacls DistTrack DNSpionage Dtrack ELECTRICFISH FlawedAmmyy FlawedGrace Get2 Grateful POS HOPLIGHT Imminent Monitor RAT jason Joanap KerrDown KEYMARBLE Lambert LightNeuron LoJax MiniDuke PolyglotDuke PowerRatankba Rising Sun SDBbot ServHelper Snatch Stuxnet TinyMet tRat TrickBot Volgmer X-Agent Zebrocy
2018-11-05Youtube (MSRC)Jean-Ian Boutin, Frédéric Vachon
@online{boutin:20181105:bluehat:65f6d65, author = {Jean-Ian Boutin and Frédéric Vachon}, title = {{BlueHat v18 || First STRONTIUM UEFI Rootkit Unveiled}}, date = {2018-11-05}, organization = {Youtube (MSRC)}, url = {https://www.youtube.com/watch?v=VeoXT0nEcFU}, language = {English}, urldate = {2019-12-17} } BlueHat v18 || First STRONTIUM UEFI Rootkit Unveiled
LoJax
2018-10-04SymantecCritical Attack Discovery and Intelligence Team
@online{team:20181004:apt28:97a1356, author = {Critical Attack Discovery and Intelligence Team}, title = {{APT28: New Espionage Operations Target Military and Government Organizations}}, date = {2018-10-04}, organization = {Symantec}, url = {https://symantec-blogs.broadcom.com/blogs/election-security/apt28-espionage-military-government}, language = {English}, urldate = {2020-04-21} } APT28: New Espionage Operations Target Military and Government Organizations
LoJax Seduploader X-Agent XTunnel Zebrocy Sofacy
2018-09ESET Research
@techreport{research:201809:lojax:747e1e3, author = {ESET Research}, title = {{LoJax: First UEFI rootkit found in the wild, courtesy of the Sednit group}}, date = {2018-09}, institution = {}, url = {https://www.welivesecurity.com/wp-content/uploads/2018/09/ESET-LoJax.pdf}, language = {English}, urldate = {2019-12-17} } LoJax: First UEFI rootkit found in the wild, courtesy of the Sednit group
LoJax

There is no Yara-Signature yet.