ROCK
Description
(Qihoo 360) The ROCK Trojan plays a main role in the Sphinx attacks. This malware family was developed by the attackers themselves or was custom-made by a third-party group.
The malware impersonated Word documents, images or installation programs in an attempt to disguise itself as PDF files, pictures or Flash installers to induce users to click.
The main purpose is to steal sensitive information from the victims, such as system information, accounts and passwords, and search history saved in the browser. It also monitors victims through Skype chat history, cameras, microphones, and keyboard and mouse logging. The collected information is then encrypted and passed back to specific C2 servers.
Names
Name |
---|
ROCK |
yellowalbatross |
Category
Malware
Type
- Backdoor
- Info stealer
- Credential stealer
Information
- https://docplayer.net/83717233-Sphinx-apt-c-15-targeted-cyber-attack-in-the-middle-east-table-of-contents.html
- https://github.com/securitykitten/malware_references/blob/master/rmshixdAPT-C-15-20160630.pdf
Malpedia
Other Information
Uuid
e87646c0-03af-4547-9f37-6bf9a2e99cde
Last Card Change
2020-05-21