ThreatsHub.org
This is the third installment of a three-part technical analysis of the fully undetectable (FUD) obfuscation engine BatCloak and SeroXen malware. In this entry, we document the techniques used to spread and abuse SeroXen, as well as the security risks, impact, implications of, and insights into highly evasive FUD batch obfuscators. Read More HERE…
Learn how analysts can search for threats with greater accuracy, speed, and effectiveness. Read More HERE…
Ongoing developments on this topic will be added to this thread. We invite you to bookmark this page and check back. Read More HERE…
Ongoing developments on this topic will be added to this thread. We invite you to bookmark this page and check back. Read More HERE…
Discover how Companion can help upgrade SOC efficiency and elevate your team to reach their full potential. Read More HERE…
We looked into the documented behavior of SeroXen malware and noted the inclusion of the latest iteration of the batch obfuscation engine BatCloak to generate a fully undetectable (FUD) .bat loader. This is the second part of a three-part series documenting the abuse of BatCloak’s evasion capabilities and interoperability with other malware. Read More HERE…
Discover how Companion can help upgrade SOC efficiency and elevate your team to reach their full potential. Read More HERE…
We look into BatCloak engine, its modular integration into modern malware, proliferation mechanisms, and interoperability implications as malicious actors take advantage of its fully undetectable (FUD) capabilities. Read More HERE…
We have been able to uncover a massive cryptocurrency scam involving more than a thousand websites handled by different affiliates linked to a program called Impulse Project, run by a threat actor named Impulse Team. Read More HERE…
Void Rabisu, a malicious actor believed to be associated with the RomCom backdoor, was thought to be driven by financial gain because of its ransomware attacks. But in this blog entry, we discuss how the use of the RomCom backdoor in recent attacks shows how Void Rabisu’s motives seem to have changed since at least October 2022. Read More HERE…