Doris

Malware Profile Updated 3 months ago
Download STIX
Preview STIX
"Doris" is a potent malware, working in tandem with another implant known as "Torisma". Both of these malicious programs are base64 encoded, allowing them to infiltrate systems and cause significant damage. Once installed, they can steal personal information, disrupt operations, or even hold data hostage for ransom. The discovery of Doris has led to significant concern due to its potential impact on cybersecurity. In response to the escalating cybersecurity threats posed by malware like Doris, U.S. Representative Zach Nunn proposed the bipartisan Enhancing K–12 Cybersecurity Act in April 2023. This act was co-led by Representative Doris Matsui and aimed at bolstering cybersecurity measures in educational institutions. Following this, the Federal Communications Commission (FCC) reevaluated its E-rate program after Rep. Doris Matsui sent a letter urging the agency to coordinate with other federal entities to enhance K-12 cybersecurity efforts. This act was also supported by U.S. Sen. Mark Warner and introduced as a companion bill, H.R. 2845, on April 25. Around the same time, there were notable changes in the leadership of key cybersecurity agencies. Doris Woltz, director of the Service de Renseignement de l'État (SRE), resigned from her position, with her resignation being formally accepted on November 16. She was recognized for her professional merits, and the government decided to confer an honorary title upon her following her retirement on June 1, 2024. These events underscore the importance of strong leadership and robust legislation in addressing the ever-evolving threat of malware like Doris.
What's your take? (Question 1 of 0)
Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
IDVotesProfile Description
Torisma
1
Torisma is a sophisticated malware implant discovered during an in-depth analysis of suspicious cyber activities. The malware, along with another implant called Doris, are base64 encoded and embedded within ASP server-side scripts. These scripts contain code to create a binary stream where the Toris
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Associated Malware
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Threat Actors
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Vulnerabilities
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Source Document References
Information about the Doris Malware was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
SourceCreatedAtTitle
CERT-EU
4 months ago
Search | arXiv e-print repository
CERT-EU
8 months ago
Luxembourg spy chief resigns in 'toxic' climate
CERT-EU
a year ago
Congressman Proposes Act to Improve K-12 Cybersecurity | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware | National Cyber Security Consulting
CERT-EU
a year ago
Search | arXiv e-print repository
MITRE
a year ago
Operation North Star: Behind The Scenes | McAfee Blog
CERT-EU
a year ago
FCC chair proposes $200M investment to boost K-12 cybersecurity
CERT-EU
a year ago
As it happened: 2026 Commonwealth Games in Victoria cancelled; PM approval rating drops
CERT-EU
a year ago
Blackburn sponsors bipartisan, bicameral Enhancing K-12 Cybersecurity Act | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware – National Cyber Security Consulting