August 18th, 2018 By Vishal Thakur
Spy Wrist Watch 32GB Mini Hidden Camera Record Video Audio DVR DV Camcorder US
 | $27.27 End Date: Friday Jul-26-2019 15:18:16 PDT Buy It Now for only: $27.27 Buy It Now | Add to watch list |
Privacy Anti-Spy Tempered Glass Screen Protector For Samsung Galaxy Note 9 S9 S8
 | $6.49 End Date: Tuesday Jul-23-2019 21:30:28 PDT Buy It Now for only: $6.49 Buy It Now | Add to watch list |
Towards the end of July 2018, we saw a new version of the AZORult trojan being used in malware campaigns targeting computers globally. In this article, we will dive into the malware and analyze its execution flow and payloads.
The initial infection vector is a phishing email that comes with a downloader malware attached. On execution, it downloads and executes the main malware.
This version of the malware comes with two payloads. These are embedded in the main binary and are simply dropped on to the disk and executed. The first payload to be executed is an information stealer that targets local accounts, browsers, saved credentials etc (this is the AZORult part). The second payload is the Aurora ransomware.
We also identified the MalActor “Oktropys” running the Aurora ransomware campaign in this case.
Full Article.
Take a look at the best antivirus, anti-malware, anti-spy, etc. software
Powered by WPeMatico
