Multiple Malware Dropped Through MSI Package

NetmanageIT OpenCTI - opencti.netmanageit.com



SUMMARY:

An analysis shows an MSI package being used to distribute malware, specifically SectopRat and Redline stealer. The malware executes malicious scripts, disables security measures, and establishes persistence through scheduled tasks. It communicates with command-and-control servers located in Russia. The investigation underscores the importance of exercising caution when dealing with untrusted software packages.

OPENCTI LABELS:

powershell, stealer, redline, c2, dropper, sectoprat, persistence

