Zero-Dwell Threat Intelligence Reports

Malicious Word Executable Embeds Upatre Dropper and Overlay Resource.exe

overlay spreader

Trojan Proxy Qukart Loader with Overlay Payload and Encrypted Channel.exe

overlay spreader

Trojan.Win64.CoinMiner Variant Built with Visual Studio 2019 LTCG/C++.exe

64bits overlay

Malicious nykbkv6.exe: Downloader/Dropper with BHO/StartPage Indicators.exe

long-sleeps overlay detect-debug-environment

Berbew Trojan Loader Using WININET and Winsock for C2 Communications.exe

overlay spreader

Miniduke-Style Installer Using UPX Overlay to Deliver Credential Stealer.exe

overlay checks-user-input idle upx

UPX-Compressed Loader Executes HeavensGate Switch and Drops Payloads.exe

overlay upx

Padodor Backdoor Exhibiting Classic Berbew Traits and Registry Modifications.exe

overlay spreader

Doina-Style Loader Executing Dropped Payloads and Modifying Run Keys.exe

detect-debug-environment idle spreader

Stealer Loader Uses Long-Sleeps, Anti-Debug Checks, and Clipboard Harvesting.exe

64bits detect-debug-environment checks-cpu-name

Go-Built RAT with RequestBin DNS Callbacks and Long-Sleep Evasion.exe

64bits overlay

Malware Downloader Embeds Azorult Payload and Ransom.Stop Traces.exe

spreader