This family consists of malicious objects that use malicious software modules from Shadow Brokers’ leaks or are created on the basis of these modules. These objects are loaded into system memory and conceal the presence of other malware.
Geographical distribution of attacks by Rootkit.Win32.EquationDrug
Geographical distribution of attacks during the period from 04.08.17 – 04.08.18
Top 10 countries with most attacked users (% of total attacks)
*Percentage among all unique Kaspersky Lab users worldwide attacked by this malware