Guru Spider

Description

(Forcepoint) Quant is not new or a very novel piece of malware: we covered the basics of it last year when it was first advertised by its creator, MrRaiX, and began to emerge in the wild. However, analysis of the newly obtained samples quickly revealed some differences to the previously documented Quant-based Locky and Pony campaigns. Further, these newest samples all appeared to attempt to download the same payload files from the C2 server after their initial connection.

Names

Name | Name-Giver
Guru Spider | CrowdStrike

Country

Motivation

  • Financial gain

First Seen

2014

Observed Countries

Tools

Operations

Information

Other Information

Uuid

37981739-ee01-4d4f-aa5f-aa1c76d23b0d

Last Card Change

2020-04-14