Skip to content

Home
Blog
Services
Malware Library
About
Why Us
Contact

Home
Blog
Services
Malware Library
About
Why Us
Contact

Zero‑Dwell Threat Intelligence Reports

Command-Line Process Spawned to Launch Payload by Lynx Ransomware.exe

detect-debug-environmentspreaderassemblypayload

Outbound C2 Communication Established via Dynamic DNS by Lynx Ransomware.exe

long-sleepsdetect-debug-environmentidlespreaderassembly

Nova Ransomware Pushes Evasion Further with Fileless-Like Deployment Tricks.exe

64bitsdetect-debug-environment

Advanced Anti-Analysis Tricks Keep Nova Ransomware Hidden From Defenders.exe

payload

From Execution to Encryption, Nova Ransomware Delivers a Fast and Aggressive Kill Chain.exe

64bitsdetect-debug-environmentpayload

Aggressive File Discovery and Locking Workflow Observed During Nova Ransomware Attacks.exe

overlaydetect-debug-environment

Nova Ransomware Accelerates File Encryption Using High-Performance Crypto Routines.exe

64bitsdetect-debug-environmentcalls-wmi

Windows API Functions Leveraged for Malicious Execution Flow by Nova Ransomware.exe

64bitsdetect-debug-environmentpayload

64-Bit Payload Executed to Encrypt Local Files by Nova Ransomware.exe

64bitsdetect-debug-environmentcalls-wmipayload

Windows Directory Abused for Payload Placement by Nova Ransomware.exe

64bitspayload

Obfuscated MSIL Payload Executed via .NET Runtime by Lynx Ransomware.exe

spreaderassemblypayload

Secondary Payload Deployed via Dropper Component by Lynx Ransomware.exe

spreaderassemblypayload

Post pagination

← Previous 1 2 3 4 … 56 Next →

Copyright © 2026 Xcitium All Rights Reserved

Scroll to Top