Tag: windows registry

3 Attack Reports | 0 Vulnerabilities

Attack reports

Masslogger Fileless Variant – Spreads via .VBE, Hides in Registry

A sophisticated variant of the Masslogger credential stealer malware has been identified spreading through .VBE files. This multi-stage fileless malware heavily relies on Windows Registry to store and execute its malicious payload. The infection begins with a .VBE file, likely distributed via spam …
obfuscation
persistence
windows registry
vbscript
data exfiltration
process hollowing
credential stealer
fileless malware
2025-06-18
masslogger
Published: June 18, 2025
Downloadable IOCs: 1

A Deep Dive into a New ValleyRAT Campaign Targeting Chinese Speakers

FortiGuard Labs recently encountered an ongoing malware campaign specifically targeting Chinese speakers. The attack utilizes a multi-stage malware named ValleyRAT, which employs diverse techniques to monitor and control victims while deploying arbitrary plugins. A notable characteristic is its hea…
windows registry
shellcode
valleyrat
2024-08-16
sandbox evasion
cmstplua com class
Published: August 16, 2024
Downloadable IOCs: 34

Zloader Learns Old Tricks

Zloader (a.k.a. Terdot, DELoader, or Silent Night) is a modular trojan based on leaked ZeuS source code. Zloader has continued to evolve since its resurrection around September 2023 after an almost two-year hiatus. The latest version, 2.4.1.0, introduces a feature to prevent execution on machines t…
python
anti-analysis
windows registry
zloader
zeus
Published: April 30, 2024
Downloadable IOCs: 8
Click here to see more Attack Reports