Blogs
Malware Library
Zero-Dwell Threat Intelligence Reports
Network Communication Initiated via HTTP by Lynx Ransomware Payload
Tags: .exe, overlay, payload

Command-Line Process Spawned to Launch Payload by Lynx Ransomware
Tags: .exe, detect-debug-environment, spreader, assembly, payload

Outbound C2 Communication Established via Dynamic DNS by Lynx Ransomware
Tags: .exe, long-sleeps, detect-debug-environment, idle, spreader, assembly

Nova Ransomware Pushes Evasion Further with Fileless-Like Deployment Tricks
Tags: .exe, 64bits, detect-debug-environment

Advanced Anti-Analysis Tricks Keep Nova Ransomware Hidden From Defenders
Tags: .exe, payload

From Execution to Encryption, Nova Ransomware Delivers a Fast and Aggressive Kill Chain
Tags: .exe, 64bits, detect-debug-environment, payload

Aggressive File Discovery and Locking Workflow Observed During Nova Ransomware Attacks
Tags: .exe, overlay, detect-debug-environment

Nova Ransomware Accelerates File Encryption Using High-Performance Crypto Routines
Tags: .exe, 64bits, detect-debug-environment, calls-wmi

Windows API Functions Leveraged for Malicious Execution Flow by Nova Ransomware
Tags: .exe, 64bits, detect-debug-environment, payload

64-Bit Payload Executed to Encrypt Local Files by Nova Ransomware
Tags: .exe, 64bits, detect-debug-environment, calls-wmi, payload

Windows Directory Abused for Payload Placement by Nova Ransomware
Tags: .exe, 64bits, payload

Obfuscated MSIL Payload Executed via .NET Runtime by Lynx Ransomware
Tags: .exe, spreader, assembly, payload