Zero-Dwell Threat Intelligence Reports

RGSS3-Based Executable Carrying Nimnul/Wapomi Infection Payload.exe

spreader

Trojan Downloader Installs CryptoLocker and Modifies Autorun Keys.exe

overlay spreader

Signed KMSAuto.exe Trojan (SBEscape/Wingo) with Embedded Overlay Stager.exe

signed 64bits long-sleeps overlay spreader

Trojan.Win32.Reconyc Employing Registry Modification and Process Masquerading.exe

overlay spreader enigma obsidium

Trojan.Padodor Executable Employing COM and Registry Hooks for Persistence.exe

spreader

Qukart Proxy Trojan Employing WININET API for C2 Communication.exe

overlay spreader

Padodor Trojan Dropper Deploying Embedded Payload Through Mandiant-Flagged Config.exe

overlay spreader

Backdoor.Win32.Padodor Employing WININET API for Data Exfiltration.exe

overlay spreader

Medium-Severity Ryuk Infection Using Delphi-Built Dropper and Overlay Payloads.exe

overlay bobsoft

Expiro File Infector Spreads via Compromised Legitimate Executable.exe

long-sleeps detect-debug-environment spreader

Berbew/Qukart Trojan Using ShellServiceObjectDelayLoad Autorun.exe

overlay spreader

Temp-Stager Upatre Fetcher Executes Remote Tasks and Writes Overlay Payload.exe

overlay spreader