Lurid is a malware family that has been used by several groups, including PittyTiger, in targeted attacks as far back as 2006. [1] [2]

ID: S0010
Associated Software: Enfal
Platforms: Windows
Version: 1.1
Created: 31 May 2017
Last Modified: 31 March 2020

Techniques Used

Domain ID Name Use
Enterprise T1560 Archive Collected Data

Lurid can compress data before sending it.[2]

Enterprise T1573 .001 Encrypted Channel: Symmetric Cryptography

Lurid performs XOR encryption.[2]

Groups That Use This Software

ID Name References
G0011 PittyTiger