Inside Matanbuchus: A Quirky Loader

Matanbuchus is a Malware-as-a-Service loader that has been sold on underground markets for more than a year, but it can also be rented to attackers for the same price.

MALWARE FAMILIES: Matanbuchus, Cobalt Strike

ATT&CK IDS: T1021 - Remote Services, T1027 - Obfuscated Files or Information, T1053 - Scheduled Task/Job, T1055 - Process Injection, T1059 - Command and Scripting Interpreter, T1068 - Exploitation for Privilege Escalation, T1102 - Web Service, T1104 - Multi-Stage Channels, T1105 - Ingress Tool Transfer, T1106 - Native API, T1134 - Access Token Manipulation, T1140 - Deobfuscate/Decode Files or Information, T1218 - Signed Binary Proxy Execution, T1497 - Virtualization/Sandbox Evasion, T1548 - Abuse Elevation Control Mechanism, T1566 - Phishing, T1573 - Encrypted Channel, T1574 - Hijack Execution Flow

