Attackers Inject Fileless Malware Directly into Windows Event Logs


Cybersecurity analysts have discovered a previously unknown malware campaign that combines two methods not seen before from cybercriminals to infect victims' machines with fileless malware.


With this technique, shellcode is written directly into Windows event log files. The event logs thus serve adversaries as a hiding place for the Trojan loader they download to the machine, so that no payload file has to sit on disk.
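A defender-side triage check for the storage trick described above, as an added example that is not the researchers' code or tooling: it scores the binary data attached to each event record by entropy and printable ratio, so that records carrying something that looks like code rather than log text stand out. The provider name, event ID, record layout and sample records are constructed assumptions; on a real host the records would be pulled from the event log APIs.

```python
import math
import random
from collections import Counter


def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte: roughly 4-5 for English text, near 8 for shellcode or packed data."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def printable_ratio(data: bytes) -> float:
    """Share of bytes that are printable ASCII or whitespace; log text is close to 1.0."""
    if not data:
        return 1.0
    return sum(1 for b in data if 32 <= b < 127 or b in (9, 10, 13)) / len(data)


def flag_suspicious_events(events, min_size=512, entropy_threshold=6.5, max_printable=0.7):
    """Return (provider, event_id, record_id) for records whose data field looks like code, not text.

    Small records are skipped: the technique needs enough room per record to carry a shellcode chunk.
    """
    hits = []
    for ev in events:
        data = ev["data"]
        if len(data) < min_size:
            continue
        if shannon_entropy(data) >= entropy_threshold and printable_ratio(data) <= max_printable:
            hits.append((ev["provider"], ev["event_id"], ev["record_id"]))
    return hits


# Constructed sample records (assumed layout); record 3 carries pseudo-random bytes standing in for a
# shellcode chunk, the others carry ordinary log text.
_rng = random.Random(7)
SAMPLE_EVENTS = [
    {"provider": "Constructed-Provider", "event_id": 7036, "record_id": 1,
     "data": b"The Windows Update service entered the running state."},
    {"provider": "Constructed-Provider", "event_id": 7036, "record_id": 2,
     "data": b"The Windows Update service entered the running state. " * 20},
    {"provider": "Constructed-Provider", "event_id": 1000, "record_id": 3,
     "data": bytes(_rng.getrandbits(8) for _ in range(2048))},
]

if __name__ == "__main__":
    for hit in flag_suspicious_events(SAMPLE_EVENTS):
        print("review record:", hit)
```

Thresholds are starting points for triage, not verdicts; legitimate providers that log compressed or encrypted blobs will also score high and need an allowlist.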

The researchers discovered the campaign in February, and the unknown adversaries are believed to have been operating since then.


The attackers behind the campaign deliver the malware payload through a series of injection tools and anti-detection techniques.


Infection Chain

In the course of investigating the campaign, the researchers found a number of techniques and modules that appear to be quite innovative and sophisticated. To describe them technically, they are divided into several classes.


The module sets are:


  • Commercial pentesting suites.

  • Custom anti-detection wrappers.

  • Last-stage Trojans.

  • Fileless malware.


At some point, the adversary directs the target to a legitimate website in order to launch the first stage of the attack.


    Once the target is lured into downloading the .RAR file, it will be boobyt ..
