Analysis of a stage 3 Miniduke malware sample

From Botnets.fr


Botnet MiniDuke
Date 2013 / 2013-05-30
Editor/Conference CIRCL
Link https://www.circl.lu/pub/tr-14/ (Archive copy)
Type White paper

Abstract

In the scope of targeted attacks with a malware labeled as Miniduke by Kaspersky Labs, CIRCL was interested in the way the malware’s later stages work and what kind of interesting information they reveal (e.g. techniques, style, IOCs). No public analysis was found except the mention in Kaspersky’s report of a custom backdoor, so CIRCL took one of the known samples and started this analysis.

Bibtex

 @misc{empty2013BFR1336,
   editor = {CIRCL},
   author = {},
   title = {Analysis of a stage 3 Miniduke malware sample},
   date = {30},
   month = May,
   year = {2013},
   howpublished = {\url{https://www.circl.lu/pub/tr-14/}},
 }