LoJax
ID: S0397
Type: MALWARE
Platforms: Windows
Contributors: Jean-Ian Boutin, ESET
Version: 1.1
Created: 02 July 2019
Last Modified: 30 March 2020
Techniques Used
Domain | ID | Sub-technique | Name | Use |
---|---|---|---|---|
Enterprise | T1547 | .001 | Boot or Logon Autostart Execution: Registry Run Keys / Startup Folder | LoJax has modified the Registry key |
Enterprise | T1564 | .004 | Hide Artifacts: NTFS File Attributes | LoJax has loaded an embedded NTFS DXE driver to be able to access and write to NTFS partitions.[1] |
Enterprise | T1112 | | Modify Registry | LoJax has modified the Registry key |
Enterprise | T1542 | .001 | Pre-OS Boot: System Firmware | LoJax is a UEFI BIOS rootkit deployed to persist remote access software on some targeted systems.[1] |
Enterprise | T1014 | | Rootkit | LoJax is a UEFI BIOS rootkit deployed to persist remote access software on some targeted systems.[1] |
Groups That Use This Software
ID | Name | References |
---|---|---|
G0007 | APT28 |
References