Tag: alternate data streams

1 Attack Reports | 0 Vulnerabilities

Attack reports

Hidden in Plain Sight: New Attack Chain Delivers Espionage RATs

An advanced persistent threat group, TA397, targeted a Turkish defense organization with a sophisticated attack chain. The campaign used a RAR archive containing a decoy PDF, a shortcut file, and an Alternate Data Stream with PowerShell code. The infection process involved creating a scheduled task…

scheduled tasks

alternate data streams

Published: December 17, 2024

Downloadable IOCs: 0

Click here to see more Attack Reports