Malware Spotlight: A Deep-Dive Analysis of WezRat

Published 14/11/2024 19:13 · Modified 15/11/2024 09:00

Essential information

Tags: 2024-11-14, backdoor, c&c, espionage, infostealer, iran, modular, phishing, wezrat

Related entities: 1 intrusion set (APT), 19 techniques (MITRE), 1 malware, 5 others

Description

Check Point Research provides a comprehensive analysis of WezRat, a custom malware attributed to the Iranian cyber group Emennet Pasargad. The malware has been active for over a year, targeting organizations in multiple countries. WezRat's capabilities include executing commands, taking screenshots, uploading files, keylogging, and stealing clipboard content and cookie files. The analysis reveals the malware's evolution, its architecture, and the threat actors' infrastructure. The latest version was distributed through a campaign impersonating the Israeli National Cyber Directorate, demonstrating the group's ongoing development and refinement of this versatile cyber tool.

External references