Zero-Dwell Threat Intelligence Reports

Signed .NET Enumeration Tool Triggering Widespread Hacktool Detections.exe

64bits detect-debug-environment calls-wmi spreader assembly

AsyncRAT Payload Masquerading As System Utility For Stealth.exe

64bits detect-debug-environment calls-wmi idle malware obfuscated

Signed VB.NET Trojan Abusing RunKey Persistence For Startup Execution.exe

overlay detect-debug-environment spreader assembly

Shellcode-Driven Trojan Exhibiting Downloader And Backdoor Capabilities.exe

calls-wmi checks-user-input malware persistence

MSIL AsyncRAT Backdoor Using Encrypted TCP Command Channels.exe

64bits detect-debug-environment checks-user-input assembly obfuscated

MSIL Backdoor Masquerading As Client Application With AsyncRAT Traits.exe

assembly

Obfuscated .NET Trojan Using WMI Checks And Long Sleep Evasion.exe

long-sleeps overlay detect-debug-environment calls-wmi checks-memory-available assembly

AsyncRAT-Linked Payload Using Encrypted TCP Command Channels.exe

long-sleeps detect-debug-environment calls-wmi checks-memory-available spreader assembly malware checks-disk-space

Quasar RAT Network Beaconing And Credential Theft Behavior.exe

detect-debug-environment calls-wmi checks-user-input assembly malware

AsyncRAT Backdoor Using Encrypted TCP Command And Control.exe

calls-wmi assembly malware payload

Heavily Detected .NET Backdoor Showing Strong Anti-Analysis Techniques.exe

calls-wmi assembly

AsyncRAT Payload Establishing Encrypted Remote Command Execution Channel.exe

64bits detect-debug-environment calls-wmi spreader assembly