Pronsis Loader (Malware Family)

SYMBOL	COMMON_NAME	aka. SYNONYMS

jar.pronsis_loader (Back to overview)

Pronsis Loader

According to TrustWave, this is a loader leveraging JPHP, which was observed fetching Latrodectus and Lumma.

2024-10-28 ⋅ Google ⋅ Google Threat Analysis Group
Hybrid Russian Espionage and Influence Campaign Aims to Compromise Ukrainian Military Recruits and Deliver Anti-Mobilization Narratives
CraxsRAT Pronsis Loader PureLogs Stealer

2024-10-08 ⋅ Trustwave ⋅ Cris Tomboc, King Orande
Pronsis Loader: A JPHP-Driven Malware Diverging from D3F@ck Loader
Pronsis Loader Latrodectus Lumma Stealer

There is no Yara-Signature yet.