216.73.217.86

Tracking the Surge in Non-PE Cyber Threats

· Published 09/05/2024 15:04 · Modified 09/05/2024 15:23

Export JSON

Essential information

Published
09/05/2024 15:04
Modified
09/05/2024 15:23
Tags
2024-05-04 2024-05-05 2024-05-06 2024-05-07 2024-05-08 2024-05-09 analysis asyncrat infection chain spam
Related entities
13 observables, 1 intrusion sets (apt), 18 techniques (mitre), 1 malware

Description

This intelligence report details a sophisticated that culminates in the deployment of , a potent malware designed to breach computer systems and steal confidential data. The meticulous unravels the intricate sequence, commencing with a email containing a malicious HTML attachment that triggers the download of various file types, including Windows Script Files, Visual Basic Scripts, and PowerShell scripts. These files work in tandem to bypass security mechanisms, establish persistence, and ultimately lead to the injection of the payload into the aspnet_compiler.exe process.

External references