Distribution of Malware Under the Guise of MS Office Cracked Versions (XMRig, OrcusRAT, etc.)
Essential information
- Published: 30/05/2024 07:10
- Modified: 30/05/2024 07:31
- Tags: 2024-05-30 3proxy antiav cryptominer evasion loader orcusrat purecrypter xmrig
- Related entities: 11 observables, 15 techniques (mitre), 5 malware
Description
The report analyzes a campaign where threat actors distribute various malware strains like RATs, coinminers, and loaders disguised as cracked versions of popular software. South Korean systems are heavily targeted, with malware persisting via scheduled tasks and evading security products. Detailed technical analysis covers the attack flow, malware functionality, evasion tactics, and infrastructure used in the campaign.