You've Got Malware: FINALDRAFT Hides in Your Drafts

While investigating REF7707, Elastic Security Labs discovered a new family of previously unknown malware that leverages Outlook as a communication channel via the Microsoft Graph API. This post-exploitation kit includes a loader, a backdoor, and multiple submodules that enable advanced post-exploitation activities.

Author: AlienVault

Related Tags:
pe
ntlm hash
elf variant
ref7707
microsoft graph
outlook
pathloader
FINALDRAFT
T1080

Associated Indicators:

SHA-256 file hashes:
83406905710E52F6AF35B4B3C27549A12C28A628C492429D3A411FDB2D28CC8C
39E85DE1B1121DC38A33ECA97C41DBD9210124162C6D669D28480C833E059530

SHA-1 file hashes:
C2E0559907BD721A050A9FEE4448D062F5EDF237
2FDEA656BF50277C8D728E1A005BF1E5157C68D0
D79D5B7742DD848F35424DF325610B2E8A8761EB

MD5 file hashes:
764A838236F5DCEB3D199059AD36311E
54C4D47332EBC8BD2505D6E7638717BC
92306905BE5B717654D5B105CD506BDD

URL:
http://poster.checkponit.com/nzoMeFYgvjyXK3P