WebDAV-as-a-Service: Uncovering the infrastructure behind Emmenhtal loader distribution - Sekoia.io Blog

NetmanageIT OpenCTI - opencti.netmanageit.com

WebDAV-as-a-Service: Uncovering the infrastructure behind Emmenhtal loader distribution - Sekoia.io Blog



SUMMARY :

The Emmenhtal loader, also known as PeakLight, operates in a memory-only manner, making it difficult to detect and analyse. It is primarily used to distribute other malicious payloads, including well-known infostealers that target sensitive information.

OPENCTI LABELS :

dcrat,darkgate,webdav,clearfake,marko polo,emmenhtal,google cloud,peaklight,selfau3,zgrat


Open in NetmanageIT OpenCTI Public Instance with below link!


Use public read only username and password on login page.

NOTE : Use Public READ only user credentials on login page banner.


WebDAV-as-a-Service: Uncovering the infrastructure behind Emmenhtal loader distribution - Sekoia.io Blog