Shielding Networks From Androxgh0st [Friday, March 22, 2024]

Description :
AndroxGh0st is a Python-based malware targeting Laravel applications by scanning and extracting sensitive data from .env files. It exploits vulnerabilities like CVE-2017-9841, CVE-2018-15133, and CVE-2021-41773 to compromise systems. Mitigation measures include patching, network security, credential protection, and behavioral analysis.

Published: 2024-03-22 11:13:05
Created: 2024-03-22 11:13:05
Modified: 2024-03-22 11:41:50

Indicators

Malwares :
  • Androxgh0st
Hashes :
About the author
Julien B.

Securitricks
