AcidRain


Last updated 10 months ago

AcidRain is an ELF binary targeting modems and routers using the MIPS architecture.[1] AcidRain is associated with the ViaSat KA-SAT communication outage that took place during the initial phases of the 2022 full-scale invasion of Ukraine. Analysis indicates overlap with another network-device-targeting malware, VPNFilter, associated with Sandworm Team.[1] US and European government sources linked AcidRain to Russian government entities, while Ukrainian government sources linked AcidRain specifically to Sandworm Team.[2][3]
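The description above identifies AcidRain as an ELF binary built for MIPS. The first thing an analyst does with such a sample is confirm that claim from the file itself, because the class, byte order and e_machine decide which emulator, disassembler and sandbox are usable. The following Python is an added example, not code from this page or from any published AcidRain analysis: it parses only the standard ELF header, the 52-byte MIPS header it runs on is constructed here for offline testing and is not bytes from any real sample, and the function names are my own.

```python
"""Triage helper: parse an ELF header and report class, endianness and
target machine.  Added example; it parses the documented ELF header layout
and makes no claim about the internals of any particular sample."""
import struct

ELF_MAGIC = b"\x7fELF"

# Subset of e_machine values from the ELF specification.
E_MACHINE = {0x03: "x86", 0x08: "MIPS", 0x28: "ARM", 0x3E: "x86-64", 0xB7: "AArch64"}

# e_type values.
E_TYPE = {0: "none", 1: "relocatable", 2: "executable", 3: "shared object", 4: "core"}


def is_elf(data: bytes) -> bool:
    """True when the buffer starts with the ELF magic."""
    return len(data) >= 4 and data[:4] == ELF_MAGIC


def parse_elf_header(data: bytes) -> dict:
    """Parse e_ident plus the fixed header fields of an ELF32 or ELF64 file.
    Raises ValueError on non-ELF input, an unknown class/encoding, or truncation."""
    if not is_elf(data) or len(data) < 24:
        raise ValueError("not an ELF file or header truncated")
    ei_class, ei_data = data[4], data[5]
    if ei_class not in (1, 2):
        raise ValueError(f"unknown EI_CLASS {ei_class}")
    if ei_data not in (1, 2):
        raise ValueError(f"unknown EI_DATA {ei_data}")
    endian = "<" if ei_data == 1 else ">"
    # e_type, e_machine, e_version sit at offset 16 in both classes.
    e_type, e_machine, _e_version = struct.unpack_from(endian + "HHI", data, 16)
    if ei_class == 1:
        # ELF32: entry/phoff/shoff are 4 bytes each; header is 52 bytes.
        need, fmt = 52, endian + "IIIIHHHHHH"
    else:
        # ELF64: entry/phoff/shoff are 8 bytes each; header is 64 bytes.
        need, fmt = 64, endian + "QQQIHHHHHH"
    if len(data) < need:
        raise ValueError("truncated ELF header")
    f = struct.unpack_from(fmt, data, 24)
    return {
        "class": 32 if ei_class == 1 else 64,
        "endianness": "little" if ei_data == 1 else "big",
        "type": E_TYPE.get(e_type, f"unknown({e_type})"),
        "machine": E_MACHINE.get(e_machine, f"unknown(0x{e_machine:x})"),
        "entry": f[0], "phoff": f[1], "shoff": f[2], "flags": f[3],
        "phnum": f[6], "shnum": f[8],
    }


def triage(data: bytes) -> str:
    """One-line summary for a triage notebook, flagging a missing section
    table (common in stripped or packed embedded binaries)."""
    h = parse_elf_header(data)
    line = (f"ELF{h['class']} {h['endianness']}-endian {h['machine']} "
            f"{h['type']}, entry 0x{h['entry']:x}, {h['phnum']} program headers")
    if h["shnum"] == 0:
        line += "; no section headers (stripped or packed, walk program headers instead)"
    return line


def build_sample_header() -> bytes:
    """Constructed 52-byte ELF32 big-endian MIPS executable header used as
    offline test input.  Synthetic values, not bytes from a real sample."""
    e_ident = ELF_MAGIC + bytes([1, 2, 1, 0]) + b"\x00" * 8  # class32, big-endian, v1, SYSV
    return e_ident + struct.pack(
        ">HHIIIIIHHHHHH",
        2,           # e_type: executable
        0x08,        # e_machine: MIPS
        1,           # e_version
        0x00400000,  # e_entry (arbitrary constructed value)
        52,          # e_phoff: program headers directly after the ELF header
        0,           # e_shoff: no section header table
        0,           # e_flags (arbitrary constructed value)
        52, 32, 2,   # e_ehsize, e_phentsize, e_phnum
        40, 0, 0,    # e_shentsize, e_shnum, e_shstrndx
    )


if __name__ == "__main__":
    print(triage(build_sample_header()))
```

On a real sample, read the first 64 bytes of the file and pass them to `triage`; a `ValueError` on a file that antivirus or a sandbox labelled "ELF" is itself a finding worth noting, since it usually means a wrapper, a corrupted download, or a packer that rebuilds the header at runtime.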