{
	"id": "e3e47124-b034-41af-831e-ef15c2727808",
	"created_at": "2026-04-06T00:13:13.641551Z",
	"updated_at": "2026-04-10T03:21:39.436879Z",
	"deleted_at": null,
	"sha1_hash": "943332465079eab7c43d892b41c2250219db636a",
	"title": "Voldemort (Malware Family)",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 28191,
	"plain_text": "Voldemort (Malware Family)\r\nBy Fraunhofer FKIE\r\nArchived: 2026-04-05 23:49:39 UTC\r\nVoldemort is a backdoor discovered by Proofpoint in August 2024. It is being distributed via phishing E-Mails and\r\nmakes use of creative techniques such as using saved search files during the infection chain for obfuscation and\r\nGoogle Sheets for C2. While its broad targeting looks like it is related to ecrime, Proofpoint notes that the\r\ncapabilities of the malware point towards espionage/APT activity.\r\n[TLP:WHITE] win_voldemort_auto (20251219 | Detects win.voldemort.)\r\nSource: https://malpedia.caad.fkie.fraunhofer.de/details/win.voldemort\r\nhttps://malpedia.caad.fkie.fraunhofer.de/details/win.voldemort\r\nPage 1 of 1",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"references": [
		"https://malpedia.caad.fkie.fraunhofer.de/details/win.voldemort"
	],
	"report_names": [
		"win.voldemort"
	],
	"threat_actors": [],
	"ts_created_at": 1775434393,
	"ts_updated_at": 1775791299,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/943332465079eab7c43d892b41c2250219db636a.pdf",
		"text": "https://archive.orkl.eu/943332465079eab7c43d892b41c2250219db636a.txt",
		"img": "https://archive.orkl.eu/943332465079eab7c43d892b41c2250219db636a.jpg"
	}
}