Analysis of Redline Infostealer Campaign
Redline Stealer is a highly effective form of malware that is designed to steal sensitive information from infected systems. It was first discovered in 2018 that it can cause significant harm to...
Remcos is a remote access trojan malware which is used to take remote control over infected PCs. Once Remcos RAT infects the system, a threat actor has the ability to execute remote commands on the user’s system. Also, Remcos gives them an option to run a keylogger and/or conduct surveillance (audio + screenshots) activity on the system.
Remcos RAT infects its victims by initial infection vectors of spam emails. This kind of email file comes with password-protected archives format attachments, which contains the JavaScript file. Usually, these .JS files are embedded with malicious URL to download the payload file, likewise it uses known infection from [tgc8x.XX] domain in-order to download the payload files.
Redline Stealer is a highly effective form of malware that is designed to steal sensitive information from infected systems. It was first discovered in 2018 that it can cause significant harm to...
Agent Tesla is a password-stealer and remote access trojan that collects information about the actions of its victims by eavesdropping on keystrokes and user interactions. It is marketed as...
AsyncRAT (Asynchronous Remote Access Trojan) is an open source remote administration malware that enables an attacker to take control of a victim's computer. It is a powerful tool that allows the...
In the previous post, we have seen the Agent Tesla malware has infected its victims by using .PS1 Powershell script to invoke the web request from the Blacklisted IPs. Agent Tesla’s successful...
Cobalt Strike is a popular penetration testing tool that allows users to emulate advanced threats, perform reconnaissance, hide communications, escalate privileges, move laterally across the...
Qakbot (aka Qbot or Pinkslipbot) is a banking trojan, which steals sensitive data from the targeted victims and attempts to self-propagate to other systems on the network. As we all know,...
QuasarRAT (aka: CinaRAT, Yggdrasil) is a well-known open-source remote access trojan (RAT) that has been widely spread in the wild which is developed using the C# programming language and also as...
Remcos RAT, also known as Remote Control and Surveillance RAT, is a remote access Trojan (RAT) that enables attackers to take control and get unauthorised access to a victim's computer. Malicious...
Lorenz is a human operated ransomware group that targets global organizations. To pressurize the victim, the malware operator threatens the user to leak data online if the ransom is not paid. The...
Qakbot (aka Qbot or Pinkslipbot) is a banking trojan, which steals sensitive data from the targeted victims and attempts to self-propagate to other systems on the network. As we all know,...