AcidRain

Description

(SentinelOne) AcidRain’s functionality is relatively straightforward and takes a bruteforce attempt that possibly signifies that the attackers were either unfamiliar with the particulars of the target firmware or wanted the tool to remain generic and reusable. The binary performs an in-depth wipe of the filesystem and various known storage device files. If the code is running as root, AcidRain performs an initial recursive overwrite and delete of non-standard files in the filesystem.

Names

Name
AcidRain

Type

Wiper

Information

https://www.sentinelone.com/labs/acidrain-a-modem-wiper-rains-down-on-europe/
https://therecord.media/a-deeper-look-at-the-malware-being-used-on-ukrainian-targets/
https://cybersecurity.att.com/blogs/labs-research/analysis-on-recent-wiper-attacks-examples-and-how-they-wiper-malware-works

Mitre Attack

https://attack.mitre.org/software/S1125

Malpedia

https://malpedia.caad.fkie.fraunhofer.de/details/elf.acidrain

Other Information

Uuid

d5402160-095e-43cf-a6bc-86671d5e10bb

Last Card Change

2024-06-19

Threat Intelligence Garden

Explorer

AcidRain

AcidRain

Description

Names

Category

Type

Information

Mitre Attack

Malpedia

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks