Zero-Dwell Threat Intelligence Reports

Fake Support Tool Executable Deploying Trojan.Dropper.Daws Payload.exe

spreader

Trojan Downloader Delivering Zbot Payload via HTTP from Iranian-Hosted Sites.exe

overlay spreader

Salgorea/Upatre Trojan Masquerading as Microsoft Word Executable.exe

overlay detect-debug-environment spreader

RGSS3-Based Executable Carrying Nimnul/Wapomi Infection Payload.exe

spreader

Trojan Downloader Installs CryptoLocker and Modifies Autorun Keys.exe

overlay spreader

Signed KMSAuto.exe Trojan (SBEscape/Wingo) with Embedded Overlay Stager.exe

signed 64bits long-sleeps overlay spreader

Trojan.Win32.Reconyc Employing Registry Modification and Process Masquerading.exe

overlay spreader enigma obsidium

Trojan.Padodor Executable Employing COM and Registry Hooks for Persistence.exe

spreader

Qukart Proxy Trojan Employing WININET API for C2 Communication.exe

overlay spreader

Padodor Trojan Dropper Deploying Embedded Payload Through Mandiant-Flagged Config.exe

overlay spreader

Backdoor.Win32.Padodor Employing WININET API for Data Exfiltration.exe

overlay spreader

Medium-Severity Ryuk Infection Using Delphi-Built Dropper and Overlay Payloads.exe

overlay bobsoft