From Document to Script: Insides of DarkGate's Campaign
May 21, 2024, 11:37 a.m.
Tags
External References
Description
Forcepoint researchers identified a DarkGate malware campaign where victims were sent PDF lures impersonating Intuit QuickBooks invoices from a compromised email.
Date
Published: May 21, 2024, 11:34 a.m.
Created: May 21, 2024, 11:34 a.m.
Modified: May 21, 2024, 11:37 a.m.
Indicators
smbeckwithlaw.com
amishwoods.com
amikamobile.com
affixio.com
affiliatebash.com
afcmanager.net
afarm.net
aerospaceavenue.com
adztrk.com
adventsales.co.uk
kindupdates.com
Attack Patterns
DarkGate
T1055
T1566
T1059