Analysis of a stage 3 Miniduke malware sample
Jump to navigation
Jump to search
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.
(Publication) Google search: [1]
| Analysis of a stage 3 Miniduke malware sample | |
|---|---|
| Botnet | MiniDuke |
| Malware | |
| Botnet/malware group | |
| Exploit kits | |
| Services | |
| Feature | |
| Distribution vector | |
| Target | |
| Origin | |
| Campaign | |
| Operation/Working group | |
| Vulnerability | |
| CCProtocol | |
| Date | 2013 / 2013-05-30 |
| Editor/Conference | CIRCL |
| Link | https://www.circl.lu/pub/tr-14/ (Archive copy) |
| Author | |
| Type | White paper |
Abstract
“ In the scope of targeted attacks with a malware labeled as Miniduke by Kaspersky Labs, CIRCL was interested in the way the malware’s later stages work and what kind of interesting information they reveal (e.g. techniques, style, IOCs) . No public analysis was found except the mention in Kaspersky’s report of a custom backdoor, so CIRCL took one of the known samples and started this analysis.
Bibtex
@misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2013BFR1336,
editor = {CIRCL},
author = {},
title = {Analysis of a stage 3 Miniduke malware sample},
date = {30},
month = May,
year = {2013},
howpublished = {\url{https://www.circl.lu/pub/tr-14/}},
}