Tag
high
advisory
Fileless Multi-Stage Remcos RAT via Phishing
2 rules 4 TTPsA fileless multi-stage Remcos RAT is delivered via phishing, achieving memory-resident execution, but specific technical details are not provided in this brief.
remcos
rat
fileless
phishing
2r
4t
high
threat
Lazarus Group Macloader Malware Analysis and Repurposing
2 rules 2 TTPs 1 IOCThe Lazarus group's macloader malware (OSX.AppleJeus.C) uses a launch daemon for persistence and executes downloaded payloads directly from memory, communicating with a C2 server to retrieve second-stage payloads, posing a significant threat due to its fileless execution and potential for repurposing.
Lazarus Group
+4
lazarus-group
macos
malware
fileless
applejeus
2r
2t
1i
high
threat
Lazarus Group's macOS 'Fileless' Implant
3 rules 3 TTPs 3 IOCsThe Lazarus APT group is distributing a trojanized macOS application named UnionCryptoTrader.dmg that installs a launch daemon for persistence, downloads and executes secondary payloads in-memory, and communicates with the command and control server unioncrypto.vip.
macos
Lazarus Group
+4
lazarus
fileless
trojan
3r
3t
3i