Blog | G5 Cyber Security

GrooveMonitor: Another Wiper Copycat?

Iranian CERT has announced a new piece of wiper-like malware. Malware checks if the date matches with a number of pre-defined dates. It will then try to delete all files from drive D through I. The malware will also wipe files from the users desktop. There is also a 16-bit SLEEP file, which is not malicious. The author seems to have used (a variant of) this particular BAT2EXE tool to turn them into Windows PE files.”]

Source: https://securelist.com/groovemonitor-another-wiper-copycat/34811/

Exit mobile version