Stardust reloaded

03 Jun 2006

minute read

Authors

Costin Raiu

We have just received a new version of the StarOffice malware we wrote about last week. Like the previous versions, this one doesn’t work either, suffering from the same severe programming errors.

Speaking of which, it’s come to our attention that the previous blogpost maybe wasn’t very clear regarding the intended nature of Stardust. We’d like to clarify that – Stardust is broken and can’t replicate.

You can check our description for details, or simply put, the virus is way too buggy to work.

Authors

Costin Raiu

Stardust reloaded

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Latest Posts

Latest Webinars

Reports

According to Kaspersky, Librarian Ghouls APT continues its series of attacks on Russian entities. A detailed analysis of a malicious campaign utilizing RAR archives and BAT scripts.

Kaspersky GReAT experts uncovered a new campaign by Lazarus APT that exploits vulnerabilities in South Korean software products and uses a watering hole approach.

MysterySnail RAT attributed to IronHusky APT group hasn’t been reported since 2021. Recently, Kaspersky GReAT detected new versions of this implant in government organizations in Mongolia and Russia.

Kaspersky researchers analyze GOFFEE’s campaign in H2 2024: the updated infection scheme, new PowerModul implant, switch to a binary Mythic agent.

Stardust reloaded

GReAT Ideas. Balalaika Edition

GReAT Ideas. Green Tea Edition

GReAT Ideas. Powered by SAS: malware attribution and next-gen IoT honeypots

GReAT Ideas. Powered by SAS: threat actors advance on new fronts

GReAT Ideas. Powered by SAS: threat hunting and new techniques

TOP 10 unattributed APT mysteries

Applied YARA training Q&A

PuzzleMaker attacks with Chrome zero-day exploit chain

Looking at Big Threats Using Code Similarity. Part 1

YARA webinar follow up

Batavia spyware steals data from Russian organizations

SparkKitty, SparkCat’s little brother: A new Trojan spy found in the App Store and Google Play

Triada strikes back

Lumma Stealer – Tracking distribution channels

Attackers distributing a miner and the ClipBanker Trojan via SourceForge

Latest Posts

Forensic journey: Breaking down the UserAssist artifact structure

Code highlighting with Cursor AI for $500,000

Approach to mainframe penetration testing on z/OS. Deep dive into RACF

Batavia spyware steals data from Russian organizations

Latest Webinars

Unmasking email dangers: Detecting and defending against mail threats

Kaspersky Scan Engine: Built to Integrate, Engineered to Protect

Kaspersky’s way of cloud workload protection

In-depth analysis of cyberattacks: key findings from Kaspersky’s Incident Response report

Reports

Sleep with one eye open: how Librarian Ghouls steal data by night

Operation SyncHole: Lazarus APT goes back to the well

IronHusky updates the forgotten MysterySnail RAT to target Russia and Mongolia

GOFFEE continues to attack organizations in Russia

Subscribe to our weekly e-mails