S0135 HIDEDRV

Description

[HIDEDRV](https://attack.mitre.org/software/S0135) is a rootkit used by [APT28](https://attack.mitre.org/groups/G0007). It has been deployed along with [Downdelph](https://attack.mitre.org/software/S0134) to execute and hide that malware. (Citation: ESET Sednit Part 3) (Citation: Sekoia HideDRV Oct 2016)

Platforms

Windows

References

  1. https://attack.mitre.org/software/S0135
  2. http://www.welivesecurity.com/wp-content/uploads/2016/10/eset-sednit-part3.pdf
  3. http://www.sekoia.fr/blog/wp-content/uploads/2016/10/Rootkit-analysis-Use-case-on-HIDEDRV-v1.6.pdf

Related by meaning

Nearest entities by semantic similarity across the cs-graph corpus.

  1. Software: Downdelph
  2. Technique: Rootkit
  3. Software: SLOWDRIFT
  4. Software: USBStealer
  5. Software: SPACESHIP
  6. Software: SeaDuke

Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, SQUR.