Zero-Dwell Threat Intelligence Reports

MSIL AsyncRAT Sample Triggering Widespread High-Confidence Detections.exe

detect-debug-environment spreader assembly malware executes-dropped-file

WinPEAS Binary Triggering Widespread Hacktool And Trojan Detections.exe

64bits detect-debug-environment calls-wmi spreader assembly checks-cpu-name

MSIL Quasar Payload Establishing Encrypted Remote Command Channel.exe

long-sleeps detect-debug-environment checks-user-input assembly

MSIL Malware Leveraging WMI Queries And TLS Communication.exe

calls-wmi assembly payload

High-Severity AsyncRAT Sample With Persistent C2 Connectivity.exe

detect-debug-environment spreader assembly obfuscated

AsyncRAT Backdoor With hVNC And Encrypted C2 Channel.exe

assembly

AsyncRAT Payload Leveraging Dynamic DNS For Remote Access.exe

assembly malware payload

Signed .NET Enumeration Tool Triggering Widespread Hacktool Detections.exe

64bits detect-debug-environment calls-wmi spreader assembly

AsyncRAT Payload Masquerading As System Utility For Stealth.exe

64bits detect-debug-environment calls-wmi idle malware obfuscated

Signed VB.NET Trojan Abusing RunKey Persistence For Startup Execution.exe

overlay detect-debug-environment spreader assembly

Shellcode-Driven Trojan Exhibiting Downloader And Backdoor Capabilities.exe

calls-wmi checks-user-input malware persistence

MSIL AsyncRAT Backdoor Using Encrypted TCP Command Channels.exe

64bits detect-debug-environment checks-user-input assembly obfuscated