WorkersDevBackdoor and MadMxShell converge in malvertising campaigns

Published 15/07/2024 14:52 · Modified 15/07/2024 15:26

Essential information

Tags
2024-07-15 madmxshell malvertising workersdevbackdoor
Related entities
51 observables, 14 techniques (mitre), 2 malware

Description

This report analyzes two recent malware distribution campaigns that leverage malvertising techniques. The campaigns deliver the WorkersDevBackdoor and MadMxShell backdoors, which have data exfiltration capabilities and can facilitate ransomware deployment. The malware's delivery infrastructure, including command and control servers, exhibits overlapping connections, suggesting potential collaboration or shared resources between the threat actors behind these campaigns. The report provides insights into the tactics, techniques, and procedures employed in these campaigns, highlighting their targeting of IT personnel through tailored payloads and victim filtering mechanisms.

External references