Zero‑Dwell Threat Intelligence Reports Archive - Page 10 of 50

Heracles/Tasker Variant Exhibits Schtasks Persistence and Backdoor Behavior.exe

Zero‑Dwell Threat Intelligence Report A narrative, executive‑ready view into the malware’s behavior, exposure, and reliable defenses. Generated: 2025-11-27 12:54:20 UTC […]

calls-wmiassemblypayload

XWorm Variant Masquerades as System Process and Rewrites Winlogon Userinit Key.exe

Zero‑Dwell Threat Intelligence Report A narrative, executive‑ready view into the malware’s behavior, exposure, and reliable defenses. Generated: 2025-11-27 12:54:05 UTC

long-sleepsdetect-debug-environmentcalls-wmiassemblypersistenceobfuscated

XWorm Variant Adds Defender Exclusions and Creates High-Privilege Scheduled Task.exe

Zero‑Dwell Threat Intelligence Report A narrative, executive‑ready view into the malware’s behavior, exposure, and reliable defenses. Generated: 2025-11-27 12:53:54 UTC

detect-debug-environmentcalls-wmichecks-user-inputassemblymalware

Themida-Packed Swift.exe Flags as Trojan.Malgent With High-Severity Hits.exe

Zero‑Dwell Threat Intelligence Report A narrative, executive‑ready view into the malware’s behavior, exposure, and reliable defenses. Generated: 2025-11-27 12:53:40 UTC

64bitsdetect-debug-environmentcorruptthemida

XWorm Variant Shows Dual C2, AES Keys, and Full RAT Features.exe

Zero‑Dwell Threat Intelligence Report A narrative, executive‑ready view into the malware’s behavior, exposure, and reliable defenses. Generated: 2025-11-27 12:53:25 UTC

calls-wmiassemblypayload

XWorm V6.4 Backdoor Uses TCP + Telegram C2 for Remote Control.exe

Zero‑Dwell Threat Intelligence Report A narrative, executive‑ready view into the malware’s behavior, exposure, and reliable defenses. Generated: 2025-11-27 12:53:13 UTC

calls-wmichecks-user-inputassemblypersistencepayload

XWorm Variant Performs ip-api Recon and Beacons to TCP C2 on 56475.exe

Zero‑Dwell Threat Intelligence Report A narrative, executive‑ready view into the malware’s behavior, exposure, and reliable defenses. Generated: 2025-11-27 12:53:03 UTC

detect-debug-environmentcalls-wmiassemblymalwareobfuscated

Roblox Account Manager.exe Flags High-Severity Trojan/GameHack Traits.exe

Zero‑Dwell Threat Intelligence Report A narrative, executive‑ready view into the malware’s behavior, exposure, and reliable defenses. Generated: 2025-11-27 12:52:50 UTC

long-sleepsdetect-debug-environmentchecks-user-inputassemblyexecutes-dropped-filepersistenceclipboardchecks-usb-bus

Packed XWorm V6.5 Sample Detected With Telegram ChatBot Indicators.exe

Zero‑Dwell Threat Intelligence Report A narrative, executive‑ready view into the malware’s behavior, exposure, and reliable defenses. Generated: 2025-11-27 12:52:39 UTC

detect-debug-environmentchecks-user-inputassembly

Packed Crack Tool Unmasked as XWorm/Packy Trojan With Temp Payload.exe

Zero‑Dwell Threat Intelligence Report A narrative, executive‑ready view into the malware’s behavior, exposure, and reliable defenses. Generated: 2025-11-27 12:52:25 UTC

long-sleepsdetect-debug-environmentcalls-wmichecks-memory-availableassembly

MSIL Dropper Executes PowerShell Defender Bypass and Drops nerestpc.exe.exe

Zero‑Dwell Threat Intelligence Report A narrative, executive‑ready view into the malware’s behavior, exposure, and reliable defenses. Generated: 2025-11-27 12:52:07 UTC

long-sleepsdetect-debug-environmentcalls-wmichecks-user-inputassemblypersistence

Win64 XWorm Backdoor Abuses Shell-Open Registry for Persistence.exe

Zero‑Dwell Threat Intelligence Report A narrative, executive‑ready view into the malware’s behavior, exposure, and reliable defenses. Generated: 2025-11-27 12:51:50 UTC

64bitsoverlayspreader