Tag: shell

2 Attack Reports | 0 Vulnerabilities

Attack reports

You've Got Malware: FINALDRAFT Hides in Your Drafts

While investigating REF7707, Elastic Security Labs discovered a new family of previously unknown malware that leverages Outlook as a communication channel via the Microsoft Graph API. This post-exploitation kit includes a loader, a backdoor, and multiple submodules that enable advanced post-exploit…
linux
powershell
shell
lsass
mimikatz
finaldraft
ref7707
pathloader
2025-02-14
elf
microsoft graph
outlook
elf variant
ntlm hash
pe
updatetask
Published: February 14, 2025
Downloadable IOCs: 9

From IcedID to Dagon Locker Ransomware in 29 Days

This intrusion started in August 2023 with a phishing campaign that distributed IcedID malware. The phishing operation utilized the Prometheus Traffic Direction System (TDS) to deliver the malware and victims were directed to a fraudulent website, mimicking an Azure download portal.
powershell
cobalt strike
anydesk
icedid
adfind
rclone
shell
encrypted
discovery
domain account
access token
manipulation
utility
modify system
aws collector
prometheustds
seatbelt
sharefinder
Published: April 29, 2024
Downloadable IOCs: 33
Click here to see more Attack Reports