Stormsec

ViperSoftX: Hiding in System Logs and Spreading VenomSoftX

This multi-stage stealer has notable hiding capabilities: among other techniques, it is concealed as small PowerShell scripts placed on a single line in the middle of otherwise innocent-looking large log files. ViperSoftX focuses on stealing cryptocurrencies, clipboard swapping, and fingerprinting the infected machine, as well as downloading and executing arbitrary additional payloads or executing commands.
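One way to hunt for the hiding technique described above, as an added example that is not part of the original post: the sketch flags lines that break a log file's dominant prefix format and also contain PowerShell-like tokens. The token list, the function names, the 80% threshold and the sample log are assumptions constructed for illustration, not indicators from the report.

```python
import re
from collections import Counter

# Heuristic tokens common in PowerShell one-liners (assumed, not IoCs from the report).
PS_TOKENS = re.compile(
    r"invoke-expression|\biex\b|frombase64string|new-object|\[system\.|downloadstring",
    re.IGNORECASE,
)

def prefix_shape(line, width=19):
    """Collapse the line prefix to a shape: every digit becomes '9'."""
    return re.sub(r"\d", "9", line[:width])

def find_hidden_script_lines(lines, min_share=0.8):
    """Return (line_number, text) for lines that deviate from the log's
    dominant prefix format and contain PowerShell-like tokens."""
    non_empty = [l for l in lines if l.strip()]
    if not non_empty:
        return []
    shape, count = Counter(prefix_shape(l) for l in non_empty).most_common(1)[0]
    if count / len(non_empty) < min_share:
        return []  # no consistent format to compare against
    hits = []
    for number, line in enumerate(lines, start=1):
        # A format break alone is not enough (wrapped entries are common);
        # require script-like content as well.
        if line.strip() and prefix_shape(line) != shape and PS_TOKENS.search(line):
            hits.append((number, line.strip()))
    return hits

# Constructed sample: 10 ordinary entries, one benign wrapped line, and one
# harmless script line (the Base64 decodes to the word "constructed").
SAMPLE_LOG = (
    [f"2022-11-21 10:00:{s:02d}, Info  svc  Session {s} initialized" for s in range(6)]
    + ["$d=[System.Text.Encoding]::UTF8.GetString("
       "[System.Convert]::FromBase64String('Y29uc3RydWN0ZWQ='));Invoke-Expression $d"]
    + ["    continued: package list unchanged"]
    + [f"2022-11-21 10:01:{s:02d}, Info  svc  Session {s} finalized" for s in range(4)]
)

if __name__ == "__main__":
    for number, text in find_hidden_script_lines(SAMPLE_LOG):
        print(f"line {number}: {text[:80]}")
```

Hits are leads for triage rather than verdicts; a file with no consistent line format returns nothing and needs a different approach.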




MALWARE FAMILIES: VenomSoftX, ViperSoftX


ATT&CK IDS: T1059 - Command and Scripting Interpreter, T1115 - Clipboard Data, T1176 - Browser Extensions, T1056 - Input Capture, T1140 - Deobfuscate/Decode Files or Information, T1106 - Native API, T1496 - Resource Hijacking, T1564 - Hide Artifacts, T1053 - Scheduled Task/Job, T1566 - Phishing

