Sept. 30, 2023, 8:05 a.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

Why reinvent the wheel? We are all lazy and, if we have a tool that offers some interesting capabilities, why not use it? I spotted a simple maliciouis Python script targeting Windows hosts. The file (SHA256:d706d94981bc53ab1458519f224b9602152325fc2a18f3df9d9da8f562b99044) is flagged by 16 antivirus products on VirusTotal[1]. Nothing very exciting with the script, it’s a bot that uses a Discord channel for C2 communications. 


Article Link: https://isc.sans.edu/diary/rss/30264


1 post - 1 participant


Read full topic

antivirus backdoor capabilities exciting file flagged netcat products python python script sat script sha256 simple targeting tool virustotal windows

Director of the Air Force Cyber Technical Center of Excellence (CyTCoE)

@ Air Force Institute of Technology | Dayton, OH, USA

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA

Infosec Engineer II(3-6 Years)

@ MRI Software | Bengaluru, India Office

Cyber Security Analyst

@ ControlUp | Rishon Lezion

Senior Consultant.e (H/F) - Product & Industrial Cybersecurity - CDI

@ Wavestone | Paris, France

Offensive Security Engineer III

@ Fanatics | India - Hyderabad