Skip to content
Permalink
Branch: master
Find file Copy path
Find file Copy path
1 contributor

Users who have contributed to this file

12 lines (9 sloc) 646 Bytes
As referenced in https://news.sophos.com/en-us/2019/07/18/a-new-equation-editor-exploit-goes-commercial-as-maldoc-attacks-using-it-spike/
This is not a comprehensive list of samples, but examples of malicious RTF files that abuse Equation Editor to deliver the payloads named here:
74ae0b8d7bef81cffd520a07e2998ba49e83b912 -> Fareit
92f5b35847b3c4fb1b888a01da1affcc6f29a8ae -> Fareit
52171176b0a6ba2577e52b9f45cc2192c3740a8f -> Fareit
a5d1dc74f9bd45b499942f4cc274783691ea936b -> FormBook
4c67b346a4541ea6ebbf02c893ecb4b8da8217c4 -> AzoruLT
b2320f9944f4d186d6b684d462dee37711535003 -> Lokibot
5fd1c86426a5d67271c9e35655a0eb848ba83996 -> Lokibot
You can’t perform that action at this time.