Estimated reading time: 5 minutes
Overview Seqrite Labs APT-Team has identified and tracked UNG0002 also known as Unknown Group 0002, a bunch of espionage-oriented operations which has been grouped under the same cluster conducting campaigns across multiple Asian jurisdictions including China, Hong Kong, and...
Estimated reading time: 10 minutes
Contents Introduction Initial Findings Infection Chain. Technical Analysis Stage 0 – Malicious ZIP File. Stage 1 – Malicious VELETRIX implant. Stage 2 – Malicious V-Shell implant. Hunting and Infrastructure. Attribution Conclusion Seqrite Protection. IOCs MITRE ATT&CK. Authors: Subhajeet Singha...
Estimated reading time: 14 minutes
Content Introduction Initial Findings. Looking into the decoy. Infection Chain. Technical Analysis. Stage 1 – Malicious LNK Script. Stage 2 – Malicious Pterois Implant. Stage 3 – Malicious Isurus Implant. Stage 4 – Malicious Cobalt Strike Shellcode. Infrastructure and...Estimated reading time: 10 minutes
Contents Introduction Key Targets Industries Affected Geographical Focus Infection Chain Initial Findings Looking into the decoy-document Technical Analysis Stage 1 – Malicious RAR File Stage 2 – Malicious .NET malware-dropper Stage 3 – Malicious Golang Shellcode loader Stage 4...Estimated reading time: 10 minutes
Silent Lynx APT Targets Various Entities Across Kyrgyzstan & Neighbouring Nations Contents Key Targets Industries Affected Geographical Focus Infection Chain Initial Findings Campaign 1 Looking into the malicious email Looking into decoy document. Campaign 2 Looking into the malicious...
Estimated reading time: 11 minutes
Contents Introduction Key Targets. Industries Affected. Geographical Focus. Initial Findings. Looking into the decoy-document – I Looking into the decoy-document – II Infection Chain. Technical Analysis Stage 1 – Malicious LNK Script & VBScript. Stage 2 – Malicious Cobalt...
Estimated reading time: 9 minutes
Seqrite Labs APT-Team has recently found a campaign targeting the Czech Republic. The campaign targets government and military officials with multiple lures aimed at the relationship between NATO and the Czech Republic. The entire malware ecosystem is involved in...
Estimated reading time: 8 minutes
Seqrite Labs APT-Team has recently discovered multiple campaigns involving fake PayPal lures. These are targeting individuals around the globe with a new variant of ransomware known as Cronus. In this case, the malware is developed in PowerShell and is...