Shamoon 2 Malware Analysis Report

Discover actionable intelligence from the LogRhythm Labs Threat Research team

The Shamoon 2 malware attempts to spread to other systems on the local network or Active Directory domain of the victim system. It overwrites—or wipes—files in hardcoded directories on each system.

The malware destroys data and renders the system inoperable, while also exhibiting worm-like behavior in an attempt to spread to other systems on the network.

This report provides actionable intelligence on threat actors and the malware or tools they use for reconnaissance, delivery, exploitation, and so forth, so your team can detect and respond to this threat more quickly.

Download the full report to get:

  • New research on Shamoon 2 from the LogRhythm Labs Threat Research team
  • Major findings of the campaign analysis
  • Prevention and remediation recommendations
  • Sample metadata
  • LogRhythm AI Engine detection rules
  • LogRhythm SmartResponse™ automated playbook actions