Tag: jscript

3 Attack Reports | 0 Vulnerabilities

Attack reports

JScript to PowerShell: Breaking Down a Loader Delivering XWorm and Rhadamanthys

This analysis examines a sophisticated malware loader that utilizes JScript to launch obfuscated PowerShell code, ultimately delivering payloads such as XWorm and Rhadamanthys. The loader employs geofencing tactics, targeting victims in the United States with XWorm RAT, while deploying Rhadamanthys…
xworm
rhadamanthys
jscript
2025-04-16
Published: April 16, 2025
Downloadable IOCs: 4

GrimResource - Microsoft Management Console for initial access and evasion

A novel, in-the-wild code execution technique leveraging Microsoft Management Console files (MSC) has been identified by Elastic Security researchers and was first spotted in the wild in June 2016 and is currently being investigated by VirusTotal.
cobalt strike
execution
vbscript
jscript
2024-06-27
msc file
mmc console
grimresource
console
pastaloader
windows script
Published: June 27, 2024
Downloadable IOCs: 3

Malicious Campaign Analysis: JScript RAT and CobaltStrike

This report examines a recent malicious campaign involving a JScript-based Remote Access Trojan (RAT) and its connections to the CobaltStrike penetration testing tool. The attack commences with an obfuscated JScript loader distributed through suspected phishing campaigns. Upon execution, it contact…
obfuscation
rat
encryption
cobaltstrike
2024-06-07
jscript
jscript rat
Published: June 7, 2024
Downloadable IOCs: 4
Click here to see more Attack Reports