One more #Bisonal #APT malware from recent attacks against Russia and South Korea.
— Alexey Vishnyakov (@Vishnyak0v) January 13, 2020
XOR encrypted payload. RC4 encrypted strings and C2 communication remain the same.
221b9de416d42a979288cfa196912af4
15af764731c257caf1ee26d1cfc049a9
etude.servemp3[.]com
https://t.co/LzpkqAkOrL pic.twitter.com/HKjmMt4ch7
via Twitter https://twitter.com/Vishnyak0v
January 13, 2020 at 08:50PM