MDR in Action: Preventing The More_eggs Backdoor From Hatching
NetmanageIT OpenCTI - opencti.netmanageit.com
SUMMARY:
A sophisticated spear-phishing attack led to a more_eggs backdoor infection at a company. The attack began with an email to a senior executive, followed by a recruitment officer downloading a fake resume. The malicious file, disguised as a resume, contained obfuscated commands that executed when it was opened, resulting in the download and execution of the more_eggs backdoor. The malware performed system checks and communicated with a command-and-control server. Trend Micro's MDR team quickly identified and contained the threat using the Vision One platform, isolating the infected host and blocking indicators. The incident is part of a broader campaign using the Golden Chickens malware toolkit, with two variations observed targeting various industries, particularly those with financial resources.
OPENCTI LABELS:
backdoor,spear-phishing,malware-as-a-service,skid,more_eggs,vision one,spicyomelette,terra loader,recruitment,golden chickens,mdr