all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

ModernLoader to Truebot via PNG

Add to bookmarks
April 8, 2023, 1:06 a.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

While perusing on VT I found a new C2 domain for TrueBot.


I have compiled a list of IOC’s denoting the infection chain and some notes related to it.


It starts with some JavaScript files. 4 of them have been identified and pointing to same TrueBot C2 ultimately.


At time of writing this, they all had low detection on VT, with 2 out of 59 engines falling them as malicious.


MD5

71e7a2549311647a6178b84393700bf8

4c75c5f63418b48ede30c16b079f324a

3c57867dc4bdeb8a7d55dfb7d8ef5008

287b172c23da5426cf039ef55d959fbd


 


As per comment from @thor_scanner …

detection domain february files infection ioc javascript list low malicious malware analysis md5 modernloader obfuscator png truebot writing

Visit resource

More from malware.news / Malware Analysis, News and Indicators - Latest topics

LNK File Disguised as Certificate Distributing RokRAT Malware 25 minutes ago | malware.news
abnormal academy ahnlab asec +27
RSAC 2024: Google on the promise of large language models and cybersecurity 2 hours ago | malware.news
article cybersecurity defensive genai +13
NVIDIA patches three ChatRTX security bugs 4 hours ago | malware.news
apps article bugs chatrtx +10
RSAC 2024: How to use AI without getting in trouble 4 hours ago | malware.news
article don laws link +9
Ubuntu security advisory (AV24-242) 4 hours ago | malware.news
advisory article canadian canadian centre for cyber security +7
Red Hat security advisory (AV24-241) 5 hours ago | malware.news
advisory article canadian canadian centre for cyber security +7
Dell security advisory (AV24-238) 5 hours ago | malware.news
advisory article canadian canadian centre for cyber security +8
IBM security advisory (AV24-239) 5 hours ago | malware.news
advisory article canadian canadian centre for cyber security +8
[Control systems] CISA ICS security advisories (AV24-240) 5 hours ago | malware.news
article canadian canadian centre for cyber security cisa +11

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

IT Security Engineer

@ Timocom GmbH | Erkrath, Germany
View on infosec-jobs.com

Consultant SOC / CERT H/F

@ Hifield | Sèvres, France
View on infosec-jobs.com

Privacy Engineer, Implementation Review

@ Meta | Menlo Park, CA | Seattle, WA
View on infosec-jobs.com

Cybersecurity Specialist (Security Engineering)

@ Triton AI Pte Ltd | Singapore, Singapore, Singapore
View on infosec-jobs.com

SOC Analyst

@ Rubrik | Palo Alto
View on infosec-jobs.com

Consultant Tech Advisory H/F

@ Hifield | Sèvres, France
View on infosec-jobs.com
View more jobs