SecuriTricks - installer

HijackLoader evolution: abusing genuine signing certificates

A report by HarfangLab EDR and MITRE ATT&CK on the threat posed by the Lumma Stealer malware, published on 11 October, 2024, outlines the tactics used to deploy the malware.

loader

powershell

Published: October 15, 2024

Downloadable IOCs: 69

Malicious Inauthentic Falcon Crash Reporter Installer Distributed to German Entity

On July 24, 2024, CrowdStrike Intelligence identified an unattributed spearphishing attempt delivering an inauthentic installer impersonating CrowdStrike's Crash Reporter through a website targeting a German entity. The site utilized JavaScript obfuscation to deliver the malicious installer, which …

Published: July 31, 2024

Downloadable IOCs: 5

Warning Against the Distribution of Malware Disguised as Software Cracks

This advisory cautions about the distribution of malware masquerading as crack programs for software. The malicious actors aim to prevent the installation of V3 Lite, an anti-malware solution, by terminating its installation process. This tactic allows them to maintain persistence and continue upda…

Published: July 19, 2024

Downloadable IOCs: 1

CVE-2024-4978: Backdoored Justice AV Solutions Viewer Software Used in Apparent Supply Chain Attack

Rapid7 discovered that version 8.3.7 of the JAVS Viewer software from Justice AV Solutions contained a backdoor installer allowing attackers to gain remote control over affected systems. The malicious installer included a binary named fffmpeg.exe which executed obfuscated PowerShell scripts and fac…

credential harvesting

Published: May 24, 2024

Downloadable IOCs: 10

Tag: installer

Attack reports

HijackLoader evolution: abusing genuine signing certificates

Malicious Inauthentic Falcon Crash Reporter Installer Distributed to German Entity

Warning Against the Distribution of Malware Disguised as Software Cracks

CVE-2024-4978: Backdoored Justice AV Solutions Viewer Software Used in Apparent Supply Chain Attack