DanderSpritz

Description

(Check Point) DanderSpritz is a full-featured post-exploitation framework used by the Equation Group. This framework was usually leveraged after exploiting a machine and deploying the PeddleCheap “implant”. DanderSpritz is very modular and contains a wide variety of tools for persistence, reconnaissance, lateral movement, bypassing antivirus engines, and other such shady activities. It was leaked by The Shadow Brokers on April 14th, 2017 as part of the “Lost in Translation” leak.

Names

Name
DanderSpritz

Category

Malware

Type

  • Control panel

Information

Other Information

Uuid

192d3385-0b66-4858-b94a-46a27d18b8cd

Last Card Change

2022-01-25