ETDA สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์
Electronic Transactions Development Agency
Report
Search
Home > List all groups > List all tools > List all groups using tool DanderSpritz

Threat Group Cards: A Threat Actor Encyclopedia

Permanent link Tool: DanderSpritz

NamesDanderSpritz
CategoryMalware
TypeControl panel
Description(Check Point) DanderSpritz is a full-featured post-exploitation framework used by the Equation Group. This framework was usually leveraged after exploiting a machine and deploying the PeddleCheap “implant”. DanderSpritz is very modular and contains a wide variety of tools for persistence, reconnaissance, lateral movement, bypassing Antivirus engines, and other such shady activities. It was leaked by The Shadow Brokers on April 14th, 2017 as part of the “Lost in Translation” leak.
Information<https://research.checkpoint.com/2021/a-deep-dive-into-doublefeature-equation-groups-post-exploitation-dashboard/>

Last change to this tool card: 25 January 2022

Download this tool card in JSON format

All groups using tool DanderSpritz

ChangedNameCountryObserved

APT groups

 Equation GroupUSA2001-Aug 2016X

1 group listed (1 APT, 0 other, 0 unknown)

Digital Service Security Center
Electronic Transactions Development Agency

Follow us on

Facebook Twitter

Report incidents

Telephone +66 (0)2-123-1227
E-mail [email protected]