Bvp47 Equation Group Backdoor

Posted Under: Backdoor, Download Free Malware Samples, Linux, Malware on Feb 24, 2022
BVP47 is an NSA-backed Tailored Access Operations (TAO) backdoor. It was detected by a Chinese firm back in 2013, which has now disclosed it. The name Bvp47 comes from the numerous references to the string "Bvp" and the numerical value "0x47" used in the encryption algorithm. The backdoor was extracted from Linux systems during a forensic investigation of one of the company's clients. It uses advanced covert-channel behavior based on TCP SYN packets, code obfuscation, system hiding, and a self-destruction design. It has over 245 targets in 45 countries, including American-friendly countries. A detailed analysis can be found here.

BVP47 Equation Group Malware Signatures

Family: UDS:Backdoor.Linux.Bvp47.a
MD5: 58b6696496450f254b1423ea018716dc
SHA256: 7989032a5a2baece889100c4cfeca81f1da1241ab47365dad89107e417ce7bac

BVP47 Equation Group Malware Download

Download BVP47 Equation Group Malware Sample