HIDEDRV

Description

(ESET) The rootkit is configured to hide Downdelph and itself from the user, and also to inject Downdelph into explorer.exe. We are now going to describe how those two operations are implemented.

Names

Name
HIDEDRV

Type

Rootkit
Loader

Information

https://www.welivesecurity.com/wp-content/uploads/2016/10/eset-sednit-part3.pdf
https://contagiodump.blogspot.de/2017/02/russian-apt-apt28-collection-of-samples.html
http://www.sekoia.fr/blog/wp-content/uploads/2016/10/Rootkit-analysis-Use-case-on-HIDEDRV-v1.6.pdf

Mitre Attack

https://attack.mitre.org/software/S0135/

Malpedia

https://malpedia.caad.fkie.fraunhofer.de/details/win.hidedrv

Other Information

Uuid

bc3d715a-2e5c-42ae-8450-f01e7f729af1

Last Card Change

2020-05-13

Threat Intelligence Garden

Explorer

HIDEDRV

HIDEDRV

Description

Names

Category

Type

Information

Mitre Attack

Malpedia

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks