Kaspersky uncovers fileless malware inside Windows event logs

Discussion in 'malware problems & news' started by waking, May 10, 2022.

  1. waking

    waking Registered Member

    Joined:
    Jan 25, 2016
    Posts:
    103
    Kaspersky uncovers fileless malware inside Windows event logs

    May 9, 2022

    https://www.techrepublic.com/article/kaspersky-fileless-malware-windows-event-logs/

    "An unprecedented discovery made by Kaspersky could have serious consequences
    for those using Windows operating systems. The cybersecurity company published
    an article on May 4 detailing that - for the first time ever - hackers have
    placed shellcode into Windows event logs, hiding Trojans as fileless malware."


    A new secret stash for "fileless" malware

    04 May 2022

    https://securelist.com/a-new-secret-stash-for-fileless-malware/106393/
     
    waking, May 10, 2022
    #1
  2. nicolaasjan

    nicolaasjan Registered Member

    Joined:
    Sep 23, 2018
    Posts:
    487
    Location:
    The Netherlands
    Indicators of Compromise:

    IPv4
    Code:
        178.79.176.136

    93.95.228.97

    162.0.224.144

    185.145.253.62

    194.195.241.46

    178.79.176.1
    Domains

    Code:
        eleed.online

    eleed.cloud

    timestechnologies.org

    avstats.net

    mannlib.com

    nagios.dreamvps.com

    opswat.info
     
    nicolaasjan, May 10, 2022
    #2
  3. Trooper

    Trooper Registered Member

    Joined:
    Jan 26, 2005
    Posts:
    5,189
    Thanks for diving into it.
     
    Trooper, May 10, 2022
    #3
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...