On February 23, 2022, HermeticWiper malware was unleashed on Ukrainian organizations by suspected pro-Russian actors.
In this threat intelligence report, LogRhythm Labs guides you through a technical analysis of HermeticWiper to help you detect this type of malware.
Understanding the technical aspects behind HermeticWiper will help you better prepare against similar techniques. Read this report to:
HermeticWiper is a well-written and effective type of malware that was deployed on Ukrainian targets immediately before Russia’s invasion in February 2022. It is named after the company Hermetica Digital Ltd, and it is one of many recent wipers that likely originated from pro-Russian actors.
HermeticWiper is a 32-bit Windows executable and requires administrative privileges to run. HermeticWiper runs for several minutes and performs the following actions:
HermeticWiper uses several well-known MITRE ATT&CK™ techniques that can be identified with behavioral detections. To learn more about how to detect this malware and be ready to defend against similar techniques, download this threat intelligence report.
LogRhythm Labs is composed of qualified threat researchers who help security professionals detect and respond to attacks by combining actionable intelligence with advanced analytics.
The team’s threat intelligence reports keep you up to date on the latest threats, such as HermeticWiper malware, to ensure you’re adequately informed and to improve your cybersecurity defense.