Cahnadr

Description

(Kaspersky) Canhadr, also known as NDriver, contains low-level routines for network, IO operations and so on. Its kernel-mode program is able to execute malicious code without crashing the whole file system or causing Blue Screen – a remarkable achievement. Written in pure C language, Canhadr/Ndriver provides full access to the hard drive and operating memory despite device security restrictions, and carries out integrity control of various system components to avoid debugging and security detection.

Names

Name
Cahnadr
NDriver

Type

Rootkit

Information

https://securelist.com/apt-slingshot/84312/

Other Information

Uuid

9e0e8a79-075a-49d4-b3a4-5cb6cde5369e

Last Card Change

2020-04-20

Threat Intelligence Garden

Explorer

Cahnadr

Cahnadr

Description

Names

Category

Type

Information

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks