RustDown

Description

(Intezer) In October 2023, we discovered a new malware written in Rust. The sample is a 32-bit Windows executable masquerading as a PHP framework component. While the codebase is new, the malware consistently shares TTPs used by the WildCard threat actor in both SysJoker and its variants. The name of the malware is derived from the developers, as evidenced by a leftover PDB path.

Names

Name
RustDown

Type

Backdoor

Information

https://intezer.com/blog/research/wildcard-evolution-of-sysjoker-cyber-threat/

Other Information

Uuid

b6f78f30-6781-4ba2-81d3-9a36e1eb4723

Last Card Change

2023-11-30

Threat Intelligence Garden

Explorer

RustDown

RustDown

Description

Names

Category

Type

Information

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks