Zero-Dwell Threat Intelligence Reports

AsyncRAT-Linked MSIL Payload Establishing Encrypted Remote Control.exe

long-sleeps detect-debug-environment calls-wmi checks-memory-available assembly

AsyncRAT-Linked Backdoor Exhibiting Strong Persistence And Evasion.exe

long-sleeps detect-debug-environment calls-wmi checks-memory-available spreader assembly malware checks-disk-space service-scan

AsyncRAT Payload Leveraging WMI And Long Sleep Delays.exe

long-sleeps detect-debug-environment calls-wmi spreader assembly checks-bios obfuscated

Packed Executable Executing Dropped Payloads With Long Sleep Evasion.exe

signed 64bits long-sleeps overlay calls-wmi executes-dropped-file checks-network-adapters

AsyncRAT-Linked .NET Payload Using AES Encryption Routines.exe

long-sleeps detect-debug-environment spreader assembly

WannaCrypt Executable Exhibiting Classic Worm And Filecoder Behavior.exe

payload exploit cve-2017-0147

WannaCryptor Variant Creating Services For Persistent Ransomware Execution.exe

overlay spreader malware exploit cve-2017-0147

High-Severity WannaCry Variant Triggering Sixty-Plus Engine Detections.exe

payload exploit cve-2017-0147

Ransomware Worm Creating Malicious Services For Persistent Execution.exe

Ransomware Sample Creating Malicious Services For Persistent Execution.exe

payload exploit cve-2017-0147

WannaCry-Themed Trojan Executable Exhibiting Classic Filecoder Behavior.exe

payload

WannaCry Payload Embedding Massive Resource Section For Hidden Data.exe

payload