home.social

#mummyspider — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #mummyspider, aggregated by home.social.

  1. The prolific #Emotet malware - tracked under the actor #MummySpider and #TA542 - is back after a 3-month break, delivering inflated (~500MB) macro-enabled Word documents via invoice-themed phishing emails.

    bleepingcomputer.com/news/secu

    The Word documents are contained in a password-protected archive, and once opened and the malicious content is enabled, will download the Emotet payload - a similarly bloated DLL file, designed to bypass automated scanning solutions that typically can't process large files.

    Malware analyst Max Malyutin has a great summary of the ATT&CK techniques and IOCs seen in this campaign so far: twitter.com/Max_Mal_/status/16

    Analysts may find debloat - a tool that strips guff from intentionally bloated executables - useful in processing samples: github.com/Squiblydoo/debloat

    #infosec #cyber #news #cybernews #infosec #infosecnews #informationsecurity #cybersecurity #security #technology #malware #soc #threatintel #threatintelligence #phishing