LiteDuke
Description
(ESET) LiteDuke is a third-stage backdoor that was mainly used in 2014-2015. It is not directly linked to Operation Ghost, but we found it on some machines compromised by MiniDuke. We chose to document it mainly because we did not find it described elsewhere. We have dubbed it LiteDuke because it used SQLite to store information such as its configuration.
Names
Name |
---|
LiteDuke |
Category
Malware
Type
- Backdoor
Information
- https://www.welivesecurity.com/2019/10/17/operation-ghost-dukes-never-left/
- https://norfolkinfosec.com/looking-back-at-liteduke/
- https://www.carbonblack.com/2020/03/26/the-dukes-of-moscow/
Mitre Attack
Malpedia
Other Information
Uuid
99ff3fb6-edf3-4c07-b789-3ce1673cd753
Last Card Change
2022-12-30