ALDIBOT - Threat Encyclopedia
Tags
attack-pattern: Data Active Setup - T1547.014 Hardware - T1592.001 Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Software - T1592.002 Connection Proxy - T1090 Denial Of Service
Show in Graph
Common Information
Type Value
UUID 9ec0c922-0002-45bc-96aa-8aafc24c0303
Fingerprint 25298b788bfb2b55
Analysis status DONE
Considered CTI value 0
Text language
Published Sept. 3, 2014, midnight
Added to db Sept. 26, 2022, 9:30 a.m.
Last updated Oct. 16, 2024, 2:32 a.m.
Headline ALDIBOT
Title ALDIBOT - Threat Encyclopedia
Detected Hints/Tags/Attributes 27/1/12
Source URLs
Redirection Url
Details Source https://www.trendmicro.com/vinfo/us/threat-encyclopedia/malware/aldibot
URL Provider
Details Provider Source level domain
Details trendmicro.com www.trendmicro.com
Attributes
Details Type #Events CTI Value
Details Domain 1 
w2c.ru
Details Domain 1 
ke.com
Details Domain 1 
ued.de
Details File 1 
audiotreiber_x64.exe
Details File 1 
hklm.exe
Details File 1 
nvsvc32.exe
Details File 1 
windowsie.exe
Details File 101 
gate.php
Details Url 1 
http://www.{blocked}ued.de/aldi/gate.php?hwid={hwid}&pc={host
Details Windows Registry Key 25 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft
Details Windows Registry Key 22 
HKEY_CURRENT_USER\Software\Microsoft
Details Windows Registry Key 6 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet