Kaspersky uncovers fileless malware inside Windows event logs

Discussion in 'malware problems & news' started by waking, May 10, 2022.

  1. waking

    waking Registered Member

    Joined: Jan 25, 2016
    Posts: 103
    Kaspersky uncovers fileless malware inside Windows event logs

    May 9, 2022

    https://www.techrepublic.com/article/kaspersky-fileless-malware-windows-event-logs/

    "An unprecedented discovery made by Kaspersky could have serious consequences
    for those using Windows operating systems. The cybersecurity company published
    an article on May 4 detailing that - for the first time ever - hackers have
    placed shellcode into Windows event logs, hiding Trojans as fileless malware."



    A new secret stash for "fileless" malware

    04 May 2022

    https://securelist.com/a-new-secret-stash-for-fileless-malware/106393/
     
  2. nicolaasjan

    nicolaasjan Registered Member

    Joined: Sep 23, 2018
    Posts: 487
    Location: The Netherlands
    Indicators of Compromise:

     
  3. Trooper

    Trooper Registered Member

    Joined: Jan 26, 2005
    Posts: 5,189
    Thanks for diving into it.
     