Heriplor
Description
(Symantec) Trojan.Heriplor is a backdoor that appears to be exclusively used by Dragonfly, and is one of the strongest indications that the group that targeted the western energy sector between 2011 and 2014 is the same group that is behind the more recent attacks. This custom malware is not available on the black market, and has not been observed being used by any other known attack groups. It has only ever been seen being used in attacks against targets in the energy sector.
Names
| Name |
|---|
| Heriplor |
Category
Malware
Type
- Backdoor
Information
- https://symantec-blogs.broadcom.com/blogs/threat-intelligence/dragonfly-energy-sector-cyber-attacks
- https://insights.sei.cmu.edu/cert/2019/03/api-hashing-tool-imagine-that.html
Malpedia
Other Information
Uuid
ed2cc683-3ae0-4793-9903-9b046ea364ad
Last Card Change
2020-05-13