D3F@ck Loader, the New MaaS Loader
May 21, 2024, 9:07 p.m.
Description
In March 2024, eSentire's Threat Response Unit (TRU) discovered multiple instances of D3F@ck Loader infections being propagated via Google Ads. This new loader, which debuted on hacking forums in January 2024 (Figure 1), can allegedly bypass several key security features such as Google Chrome, Edge, Windows Defender alerts, and SmartScreen.
Date
Published: May 21, 2024, 9:03 p.m.
Created: May 21, 2024, 9:03 p.m.
Modified: May 21, 2024, 9:07 p.m.
Indicators
116.202.188.155
194.147.35.251
https://pastebin.com/raw/ZmJsLQWU
Attack Patterns
T1110
T1199
T1055
T1553
T1059
CVE-2024-3400
Additional Information
Food
Construction
Retail
Healthcare
Legal
Education
Finance
Government
Manufacturing