You've Got Malware: FINALDRAFT Hides in Your Drafts

NetmanageIT OpenCTI - opencti.netmanageit.com

SUMMARY:

While investigating REF7707, Elastic Security Labs discovered a new family of previously unknown malware that leverages Outlook as a communication channel via the Microsoft Graph API. This post-exploitation kit includes a loader, a backdoor, and multiple submodules that enable advanced post-exploitation activities.

OPENCTI LABELS:

powershell, shell, linux, mimikatz, elf, lsass, pe, outlook, finaldraft, ref7707, pathloader, microsoft graph, elf variant, ntlm hash, updatetask


Open in the NetmanageIT OpenCTI public instance with the link below.

NOTE: Use the public read-only user credentials shown on the login page banner.


You've Got Malware: FINALDRAFT Hides in Your Drafts