SYMBOL | COMMON_NAME | aka. SYNONYMS |
Storm-1113 is a threat actor that acts both as an access broker focused on malware distribution through search advertisements and as an “as-a-service” entity providing malicious installers and landing page frameworks. In Storm-1113 malware distribution campaigns, users are directed to landing pages mimicking well-known software that host installers, often MSI files, that lead to the installation of malicious payloads. Storm-1113 is also the developer of EugenLoader, a commodity malware first observed around November 2022.
2024-11-21
⋅
Intrinsec
⋅
PROSPERO & Proton66: Uncovering the links between bulletproof networks Coper SpyNote FAKEUPDATES GootLoader EugenLoader |
2024-11-20
⋅
Intrinsec
⋅
PROSPERO & Proton66: Tracing Uncovering the links between bulletproof networks Coper SpyNote FAKEUPDATES GootLoader EugenLoader IcedID Matanbuchus Nokoyawa Ransomware Pikabot |
2024-08-13
⋅
Google
⋅
Finding Malware: Unveiling NUMOZYLOD with Google Security Operations EugenLoader UNC4536 |
2024-07-02
⋅
Sekoia
⋅
Exposing FakeBat loader: distribution methods and adversary infrastructure BlackCat Royal Ransom EugenLoader Carbanak Cobalt Strike DICELOADER Gozi IcedID Lumma Stealer NetSupportManager RAT Pikabot RedLine Stealer SectopRAT Sliver SmokeLoader Vidar |
2023-12-30
⋅
Rewterz Information Security
⋅
Rewterz Threat Alert – Widely Abused MSIX App Installer Disabled by Microsoft – Active IOCs EugenLoader POWERTRASH BATLOADER DarkGate FlawedGrace NetSupportManager RAT SectopRAT Storm-0506 |
2023-12-12
⋅
eSentire
⋅
Unraveling BatLoader and FakeBat EugenLoader |
2023-02-28
⋅
Intel 471
⋅
Malvertising Surges to Distribute Malware EugenLoader BATLOADER IcedID |