Today > vulnerabilities   -   You can now download lists of IOCs here!

Tag: meterpreter

2 attack reports | 0 vulnerabilities

Attack reports

SmallTiger Malware Used in Attacks Against South Korean Businesses (Kimsuky and Andariel)

This report details a series of attacks targeting South Korean companies, particularly defense contractors, automobile part manufacturers, and semiconductor manufacturers. The threat actor initially deployed malware strains associated with the Kimsuky group, such as MultiRDP and Meterpreter, but la…

apt
meterpreter
2024-06-11
mimikatz
durianbeacon
multirdp
webbrowserpassview
smalltiger
Published: June 11, 2024

Downloadable IOCs 19

Case of Malware Distribution Linking to Illegal Gambling Website Targeting Korean Web Server

This report examines a malware strain distributed to web servers in South Korea that redirects users to an illegal gambling site. The threat actor installed a Meterpreter backdoor, a port forwarding tool, and an IIS module malware on a compromised web server. The IIS module inspects HTTP headers an…

korea
2024-05-03
2024-05-04
2024-05-05
2024-05-06
2024-05-07
2024-05-08
meterpreter
webserver
iismodulemalware
gamblingredirect
Published: May 8, 2024

Downloadable IOCs 8

» Click here to see all Attack Reports «