Dynamic Malware Analysis of Konni RAT Malware APT37 With Any.Run | allinfosecnews.com

April 6, 2024, 11:55 a.m. | /u/MotasemHa

Malware Analysis & Reports www.reddit.com

We analyzed Konni RAT Malware which was developed by advanced persisten group APT37 according to MITRE ATT&CK. We performed dynamic malware analysis using Any.run cloud malware analysis tool. Konni malware masqureades as word document file which when opened downloads a spyware executable designed to exfitlrate and send machine OS and credentials data to the main C2 server. The malware uses powershell to execute system commands to achieve the aformentioned objectives.

[Video](https://www.youtube.com/watch?v=ZHuB4-jXOy4)

[Writeup](https://motasem-notes.net/en/dynamic-malware-analysis-of-konni-rat-malware-apt37-with-any-run/)

advanced amp analysis any.run apt37 att cloud cloud malware document downloads dynamic file konni machine malware malware analysis mitre mitre att&amp rat rat malware run send spyware tool word word document

More from www.reddit.com / Malware Analysis & Reports

Phising opensea 3 days, 8 hours ago | www.reddit.com

mail malware opensea phishing +1

Understanding How CVEProject/cvelistV5 Works 5 days, 15 hours ago | www.reddit.com

api cve cves etc +18

[Video] Triaging Files on VirusTotal 1 week, 3 days ago | www.reddit.com

files malware video virustotal

Need recommendations for Premium Tools 1 week, 3 days ago | www.reddit.com

analysis atm budget can +12

Are hidden incoming SMS common for C&C? 1 week, 5 days ago | www.reddit.com

account android android malware carrier +12

Attackers exploiting new critical OpenMetadata vulnerabilities on Kubernetes clusters 1 week, 5 days ago | www.reddit.com

attackers clusters critical exploiting +5

A Powerful tracing engine based on Qemu 2 weeks, 3 days ago | www.reddit.com

binary called can case +20

[Fixed] Coding The Rat King: A Multi-Family Malware Configuration Parser 2 weeks, 4 days ago | www.reddit.com

code coding configuration family +5

Dynamic Malware Analysis of Konni RAT Malware APT37 With Any.Run 3 weeks, 3 days ago | www.reddit.com

advanced amp analysis any.run +22

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations

View on infosec-jobs.com

Threat Analysis Engineer

@ Gen | IND - Tamil Nadu, Chennai

View on infosec-jobs.com

Head of Security

@ Hippocratic AI | Palo Alto

View on infosec-jobs.com

IT Security Vulnerability Management Specialist (15.10)

@ OCT Consulting, LLC | Washington, District of Columbia, United States

View on infosec-jobs.com

Security Engineer - Netskope/Proofpoint

@ Sainsbury's | Coventry, West Midlands, United Kingdom

View on infosec-jobs.com

Journeyman Cybersecurity Analyst

@ ISYS Technologies | Kirtland AFB, NM, United States

View on infosec-jobs.com