Multiple Malware Dropped Through MSI Package

An analysis reveals that an MSI package is being used to distribute malware, specifically SectopRAT and RedLine Stealer. The malware employs techniques such as executing malicious scripts, disabling security measures, and establishing persistence through scheduled tasks. It communicates with command-and-control servers located in Russia. The investigation underscores the importance of exercising caution when dealing with untrusted software packages.

Author: AlienVault

Related Tags: T1059.005, T1059.007, T1053.005, c2, T1064, T1059.001, T1037, Russian Federation, T1059.003
Associated Indicators: