Sharik

Malware Profile Updated 2 months ago
Sharik, also known as Dofoil or Smoke Loader, is a form of malware that targets systems running Microsoft Windows. It is a backdoor program that loads other malicious software onto a computer system, with a wide range of capabilities beyond just loading malware. An early version of this harmful program was first advertised in the criminal underground as far back as 2011, and its activity has been consistently documented since then by various sources. Numerous reports and analyses have been published on Smoke Loader, including an analysis we released in 2018.

Smoke Loader can infect your system through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it can steal personal information, disrupt operations, or even hold data hostage for ransom. The malware saw a surge in attacks specifically targeting Ukrainian financial and government organizations. This highlights the potential for significant disruption and damage to key sectors, demonstrating the serious threat posed by this malicious software.

It is important to note that the term "Sharik" is not solely associated with the malware. For instance, Sharik Laliwala is a political scientist and PhD student at the University of California, Berkeley, who studies caste and religious minorities in India. His work does not have any connection to the malware, illustrating how the same term can refer to very different things in different contexts.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
ID | Votes | Profile Description
Dofoil | 1 | Dofoil, also known as Smoke Loader or Sharik, is a malicious program primarily designed to load other malware onto systems running Microsoft Windows. Originating in the criminal underground as early as 2011, Dofoil has shown resilience and adaptability over the years, with various sources documentin
Smoke Loader | 1 | Smoke Loader is a prominent type of malware identified by the SCPC SSSCIP, used in recent attacks primarily targeting Ukrainian organizations. This malicious software is often delivered via IPFS links by malware families such as Smoke Loader, XLoader, XMRig, and OriginLogger, disrupting operations a
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
India
Backdoor
Loader
Windows
Malware
Associated Malware
No associations to display
Associated Threat Actors
No associations to display
Associated Vulnerabilities
No associations to display
Source Document References
Information about the Sharik Malware was read from the documents corpus below.
Source | Created At | Title
CERT-EU | 9 months ago | More than just a game as Gujarat gears up for the India-Pakistan cricket clash
Unit42 | 4 months ago | Unit 42 Collaborative Research With Ukraine’s Cyber Agency To Uncover the Smoke Loader Backdoor