MDR in Action: Preventing The More_eggs Backdoor From Hatching

NetmanageIT OpenCTI - opencti.netmanageit.com




SUMMARY :

A sophisticated spear-phishing attack led to a more_eggs backdoor infection at a company. The attack began with an email to a senior executive, followed by a recruitment officer downloading a fake resume. The malicious file, disguised as a resume, contained obfuscated commands that executed when it was opened, resulting in the download and execution of the more_eggs backdoor. The malware performed system checks and communicated with a command-and-control server. Trend Micro's MDR team quickly identified and contained the threat using the Vision One platform, isolating the infected host and blocking indicators. The incident is part of a broader campaign using the Golden Chickens malware toolkit, with two variations observed targeting various industries, particularly those with financial resources.

OPENCTI LABELS :

backdoor,spear-phishing,malware-as-a-service,skid,more_eggs,vision one,spicyomelette,terra loader,recruitment,golden chickens,mdr

