Analysis of Golang Payload and Information Theft Campaign

· Published 30/07/2024 16:14 · Modified 30/07/2024 16:32

Essential information

Tags: 2024-07-30 apt client.exe espionage exfiltration golang malware pakistan quasar winver.exe

Related entities: 8 observables, 1 intrusion sets (apt), 19 techniques (mitre), 2 malware, 1 others

Description

The report details a recent cyber attack campaign attributed to the -C-09 (Mozambique) threat group, which has historically targeted and surrounding nations. The campaign employed a novel payload and RAT to gather sensitive information. The analysis covers the techniques used by the , including command execution, screen capturing, and data via encrypted channels. The report also provides insights into the group's evolving tactics and expanding arsenal of attack tools.

External references