Saturday, August 19, 2023

"DotRunpeX - demystifying new virtualized .NET injector used in the wild"

Not sure how I missed this article back in March. This analysis by Check Point Research confirms details and provides greater clarity on some malware samples I saw back in January.

While we have been monitoring this threat, we spotted a few publicly shared pieces of information, mainly by independent researchers, that were related to the functionality of dotRunpeX but misattributed to a different well-known malware family.

In my analysis, though, I did suspect the sample was related to AgentTesla based on various similarities to other samples I'd seen. Check Point's analysis is surgical, though, and my future analyses will strive to follow that.

