Symbol: jar.pronsis_loader

Pronsis Loader


According to Trustwave, this is a loader that leverages JPHP and was observed fetching Latrodectus and Lumma.

References
2024-10-28 - Google - Google Threat Analysis Group
Hybrid Russian Espionage and Influence Campaign Aims to Compromise Ukrainian Military Recruits and Deliver Anti-Mobilization Narratives
Families: CraxsRAT, Pronsis Loader, PureLogs Stealer

2024-10-08 - Trustwave - Cris Tomboc, King Orande
Pronsis Loader: A JPHP-Driven Malware Diverging from D3F@ck Loader
Families: Pronsis Loader, Latrodectus, Lumma Stealer

There is no Yara-Signature yet.