<tutorialjinni.com/>

PowerPepper Malware Sample Download

Posted Under: PowerShell on Dec 8, 2020
PowerPepper is a Windows in-memory PowerShell backdoor that can execute remotely sent shell commands. It is associated with DeathStalker (formerly called Deceptikons), a threat actor known to have been active since 2012. The threat actor has consistently used what are called "dead-drop resolvers" (DDRs): obfuscated content hosted on major public web services such as YouTube, Twitter or Reddit. Once decoded by the malware, this content reveals a command-and-control (C2) server address.

FTCODE Ransomware Sample Download

Posted Under: PowerShell on Oct 6, 2019
FTCODE ransomware encrypts user data using AES-256 (in CBC mode) + RSA-1024, and then demands a ransom of $500 to return the files. FTCODE ransomware mainly targets Italian companies. It spreads via an email spam campaign that was previously known to distribute JasperLoader and Gootkit.

MuddyWater APT Phishing Campaign Sample Download

Posted Under: PowerShell on Oct 13, 2018
MuddyWater is a relatively new APT that surfaced in 2017. It has focused mainly on governmental targets in Iraq and Saudi Arabia, according to past telemetry. However, the group behind MuddyWater has been known to target other countries in the Middle East, Europe and the US.

OilRig BONDUPDATER Malware Sample

Posted Under: PowerShell on Sep 19, 2018
OilRig, a threat actor known to be active since 2016, now uses a new threat vector, the BONDUPDATER malware. It targets Middle Eastern oil-producing countries. It uses spear-phishing email campaigns to propagate itself.

PowerPool Malware Sample

Posted Under: PowerShell on Sep 8, 2018
PowerPool malware exploits a 0-day vulnerability in Microsoft Windows 7 to 10. This 0-day vulnerability, which targets the Advanced Local Procedure Call (ALPC), allows a non-admin user to gain administrative privileges.