Zero-Dwell Threat Intelligence Reports

Obfuscated .NET Backdoor Using Scheduled Tasks For Persistent Execution.exe

spreader assembly malware

AsyncRAT-Like Trojan Establishing Encrypted Remote Command Channels.exe

detect-debug-environment checks-user-input assembly

Win64 AsyncRAT Backdoor Establishing Encrypted TCP Command Channel.exe

64bits detect-debug-environment spreader

AsyncRAT-Linked MSIL Payload Establishing Encrypted Remote Control.exe

long-sleeps detect-debug-environment calls-wmi checks-memory-available assembly

AsyncRAT-Linked Backdoor Exhibiting Strong Persistence And Evasion.exe

long-sleeps detect-debug-environment calls-wmi checks-memory-available spreader assembly malware checks-disk-space service-scan

AsyncRAT Payload Leveraging WMI And Long Sleep Delays.exe

long-sleeps detect-debug-environment calls-wmi spreader assembly checks-bios obfuscated

Packed Executable Executing Dropped Payloads With Long Sleep Evasion.exe

signed 64bits long-sleeps overlay calls-wmi executes-dropped-file checks-network-adapters

AsyncRAT-Linked .NET Payload Using AES Encryption Routines.exe

long-sleeps detect-debug-environment spreader assembly

WannaCrypt Executable Exhibiting Classic Worm And Filecoder Behavior.exe

payload exploit cve-2017-0147

WannaCryptor Variant Creating Services For Persistent Ransomware Execution.exe

overlay spreader malware exploit cve-2017-0147

High-Severity WannaCry Variant Triggering Sixty-Plus Engine Detections.exe

payload exploit cve-2017-0147

Ransomware Worm Creating Malicious Services For Persistent Execution.exe