What is the LODEINFO malware? Analysis of LODEINFO The infection flow Update of the Downloader Shellcode Remote Template Injection Maldoc VBA code embedded in Maldoc Microsoft Office language check The Downloader Shellcode Fake PEM file de…
Background What is Tropic Trooper? The Need for Attribution Overall picture of the campaign Similarities to previous samples Similarities between EntryShell and KeyBoy Relationship between the new malware CrowDoor and FamousSparrow What is…
Summary Targeted Attack Mail Attachments Infection flow of malware Launching shortcut files Malware Analysis and Description of Operation Installer Operation Loader Operation Attacker’s mistake? The threat actor Countermeasures IoCs Destin…