Tag: modiloader

An investigation of a file named 'Albertsons_payment.GZ' revealed a sophisticated malware delivery chain. The file, initially disguised as an image, was actually a Windows Cabinet file containing an obfuscated batch script. This script employed string slicing techniques to reconstruct commands and …

A cybersecurity analysis has identified a malicious operation involving the distribution of a downloader, dubbed DBatLoader or ModiLoader, through CMD files disguised as innocuous files. The campaign leverages phishing emails containing compressed CMD files that, when executed on English-language W…