DUQU is made up of several components. These components interact with each other in order to achieve its main prupose: to steal information and deliver stolen information to a C&C server. The components consist of some rootkits and information stealers.
DUQU is believed to be created by the same cybercriminals behind STUXNET because of the codes used. However, DUQU does not target SCADA systems unlike STUXNET.
Memory Resident: Yes
Payload: Steals information
This Trojan registers itself as a system service to ensure its automatic execution at every system startup by adding the following registry entries: