
Intezer Analyze May Community Roundup

Written by Intezer


    Below are some of the threats our community detected this month.

    1. A fileless Dridex sample, originally with five detections in VirusTotal, contains a payload that unpacks itself as shellcode. Learn about Intezer Analyze’s NEW unpacking capabilities.


    2. H2Miner, with only two out of 59 detections in VirusTotal, targets vulnerable SaltStack instances using CVE-2020-11651 and CVE-2020-11652. Exploitation of SaltStack Vulnerabilities Signals Increase in Cloud Server Attacks


    3. Another H2Miner sample, also with two detections in VirusTotal, exploits the same SaltStack vulnerabilities, CVE-2020-11651 and CVE-2020-11652.


    4. A fully undetected Linux LD_PRELOAD userland rootkit, uploaded from the United States and Russia, hides SSH connections by hooking fopen on /proc/net/tcp (the file that netstat and similar tools read) and conceals its own files by hooking readdir.


    5. A Linux sample of the cross-platform WellMess malware, written in Golang, has four detections in VirusTotal.


    6. An Emotet sample, uploaded from Japan, has five out of 70 detections in VirusTotal. Automatic unpacking in Intezer Analyze reveals that the payload shares code with an older Emotet variant. Search by hash fccc6f6e8b036fd9536649cfaef73b6e to analyze the older variant in Intezer Analyze. Try it Now

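    The rootkit in item 4 works because fopen and readdir are libc functions: a library loaded through LD_PRELOAD gets to answer those calls before libc does, so it can drop lines from /proc/net/tcp and names from directory listings. The kernel itself is not involved, which gives a simple check: read the same data once through libc and once through raw syscalls and compare. The Linux/glibc probe below is an added example written for this roundup, not Intezer's code and not code from the rootkit; the temp directory, the file names and the fake /proc/net/tcp contents are constructed fixtures so it runs offline, and function names such as hidden_tcp_lines are ours.

```c
#define _GNU_SOURCE
#include <dirent.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/syscall.h>
#include <unistd.h>

/* Record layout returned by getdents64 (glibc does not expose it). */
struct linux_dirent64 {
    unsigned long long d_ino;
    long long d_off;
    unsigned short d_reclen;
    unsigned char d_type;
    char d_name[];
};

/* Lines in a file via stdio: fopen()/fgets() resolve through libc, which is
 * exactly where an LD_PRELOAD hook on fopen() gets to filter /proc/net/tcp. */
long count_lines_stdio(const char *path) {
    FILE *f = path ? fopen(path, "r") : NULL;
    if (!f) return -1;
    long n = 0;
    char buf[512];
    while (fgets(buf, sizeof buf, f))
        if (strchr(buf, '\n')) n++;
    fclose(f);
    return n;
}

/* Same count through raw syscalls; a userland hook never runs on this path. */
long count_lines_syscall(const char *path) {
    long fd = path ? syscall(SYS_openat, AT_FDCWD, path, O_RDONLY) : -1;
    if (fd < 0) return -1;
    long n = 0, r;
    char buf[4096];
    while ((r = syscall(SYS_read, fd, buf, sizeof buf)) > 0)
        for (long i = 0; i < r; i++)
            if (buf[i] == '\n') n++;
    syscall(SYS_close, fd);
    return n;
}

/* Directory entries via readdir(), the other libc call the rootkit hooks. */
long count_entries_readdir(const char *dir) {
    DIR *d = dir ? opendir(dir) : NULL;
    if (!d) return -1;
    long n = 0;
    while (readdir(d)) n++;
    closedir(d);
    return n;
}

/* Same listing straight from the kernel with getdents64. */
long count_entries_getdents(const char *dir) {
    long fd = dir ? syscall(SYS_openat, AT_FDCWD, dir, O_RDONLY | O_DIRECTORY) : -1;
    if (fd < 0) return -1;
    long n = 0, r;
    long long raw[1024];                 /* 8-byte aligned record buffer */
    char *buf = (char *)raw;
    while ((r = syscall(SYS_getdents64, fd, buf, sizeof raw)) > 0)
        for (long off = 0; off < r; n++)
            off += ((struct linux_dirent64 *)(buf + off))->d_reclen;
    syscall(SYS_close, fd);
    return n;
}

/* Kernel count minus libc count: >0 means libc readers see less than the
 * kernel holds (hidden sockets / hidden files), 0 is consistent, -1 unreadable.
 * On a live /proc file a socket opening or closing between the two reads also
 * moves the count by one, so repeat the probe before calling it a hook. */
static long gap(long libc, long sys) { return (libc < 0 || sys < 0) ? -1 : sys - libc; }
long hidden_tcp_lines(const char *p) { return gap(count_lines_stdio(p), count_lines_syscall(p)); }
long hidden_dir_entries(const char *d) { return gap(count_entries_readdir(d), count_entries_getdents(d)); }

/* Constructed offline fixture: a temp dir holding one fake /proc/net/tcp
 * (header + two sockets). Constructed data, not a real capture. */
static char fixture_dir[] = "/tmp/preload-probe-XXXXXX";
static char fixture_tcp[sizeof fixture_dir + 16];
const char *fixture_dir_path(void) {
    static int ready;
    if (ready) return fixture_dir;
    if (!mkdtemp(fixture_dir)) return NULL;
    snprintf(fixture_tcp, sizeof fixture_tcp, "%s/tcp.txt", fixture_dir);
    FILE *f = fopen(fixture_tcp, "w");
    if (!f) return NULL;
    fputs("  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode\n"
          "   0: 0100007F:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1234 1 0000000000000000 100 0 0 10 0\n"
          "   1: 0100007F:0016 0100007F:A1B2 01 00000000:00000000 00:00000000 00000000     0        0 5678 1 0000000000000000 20 4 30 10 -1\n", f);
    fclose(f);
    ready = 1;
    return fixture_dir;
}
const char *fixture_tcp_path(void) { return fixture_dir_path() ? fixture_tcp : NULL; }

int main(void) {
    printf("fixture: %ld hidden tcp lines, %ld hidden dir entries\n",
           hidden_tcp_lines(fixture_tcp_path()), hidden_dir_entries(fixture_dir_path()));
    printf("live:    %ld hidden lines in /proc/net/tcp, %ld hidden entries in /usr/lib\n",
           hidden_tcp_lines("/proc/net/tcp"), hidden_dir_entries("/usr/lib"));
    return 0;
}
```

    On a clean host both probes report 0. Run with the rootkit's library in LD_PRELOAD (or /etc/ld.so.preload) and pointed at /proc/net/tcp and the directory the rootkit lives in, a positive number is the count of sockets or files it is hiding. The check only catches userland hooks: a kernel module that filters the same data lies to the syscall path too, so a zero here does not clear a host of rootkits in general.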


    Join the thousands of security professionals using the Intezer Analyze community edition to investigate suspicious files and devices. Sign up for free at analyze.intezer.com.

    Check out the new features on our YouTube channel:
    NEW Malware Family View
    NEW Unpack Evasive Payloads in Memory
    NEW Search by String
