all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Following the Scent of TrickGate: 6-Year-Old Packer Used to Deploy the Most Wanted Malware

Add to bookmarks
Jan. 30, 2023, 11 a.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

Research by: Arie Olshtein


Executive summary





  • Initially observed in July 2016, TrickGate is a shellcode-based packer offered as a service to hide malware from EDRs and antivirus programs.

  • Over the last 6 years, TrickGate was used to deploy the top members of the “Most Wanted Malware” list, such as Cerber, Trickbot, Maze, Emotet, REvil, Cobalt Strike, AZORult, Formbook, AgentTesla and more.

  • TrickGate managed to stay under the radar for years because it is transformative – it undergoes changes periodically. This …

agenttesla antivirus azorult cerber cobalt cobalt strike edrs emotet executive formbook hide july malware malware research managed maze old packer research revil service shellcode strike trickbot trickgate under

Visit resource

More from malware.news / Malware Analysis, News and Indicators - Latest topics

Distribution of Infostealer Made With Electron an hour ago | malware.news
ahnlab applications apps asec +20
Mitigating AI-Powered Cyberthreats With a Proactive ZTNA Security Strategy 2 hours ago | malware.news
ai-powered artificial artificial intelligence capabilities +20
TensorFlow AI models at risk due to Keras API flaw 3 hours ago | malware.news
ai models api arbitrary code article +9
Robofly, CRUSHFTP, Github, Palo Alto, MITRE, Fancy Bear, Deepfakes, Aaran Leyland... - SWN #380 3 hours ago | malware.news
alto article bear crushftp +9
Google ad for Facebook redirects to scam 3 hours ago | malware.news
ads campaign facebook google +15
Memory Analysis 101: Understanding Memory Threats and Forensic Tools 4 hours ago | malware.news
analysis cybersecurity cybersecurity landscape drive +22
A 'substantial proportion' of Americans exposed in Change Healthcare cyberattack 4 hours ago | malware.news
article change change healthcare customer +15
Change Healthcare Says Attackers Accessed PHI and PII 6 hours ago | malware.news
access america attack attackers +16
Change Healthcare attack did not result in harm to veteran care, VA says 6 hours ago | malware.news
article attack care change +13

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Security Engineering Professional

@ Nokia | India
View on infosec-jobs.com

Cyber Intelligence Exercise Planner

@ Peraton | Fort Gordon, GA, United States
View on infosec-jobs.com

Technical Lead, HR Systems Security

@ Sun Life | Sun Life Wellesley
View on infosec-jobs.com

SecOps Manager *

@ WTW | Thane, Maharashtra, India
View on infosec-jobs.com

Consultant Appels d'Offres Marketing Digital

@ Numberly | Paris, France
View on infosec-jobs.com
View more jobs