Raspberry Robin Keeps Riding the Wave of Endless 1-Days [Thursday, February 08, 2024]

Description :
Raspberry Robin malware continues to rapidly adopt new exploits, using two new local privilege escalation exploits before disclosure. It has added anti-analysis checks, uses V3 onion domains for C2, and disguises initial access as a Windows component.

Published : 2024-02-08 15:04:39
Created : 2024-02-08 15:04:39
Modified : 2024-02-08 15:25:54

Indicators

Malwares :
  • Raspberry Robin
Hashes :
Other observables :
  • CVE-2023-29360
  • CVE-2023-36802
  • CVE-2021-1732

About the author
Julien B.

Securitricks
