SYMBOLCOMMON_NAMEaka. SYNONYMS
js.darkwatchman (Back to overview)

DarkWatchman

Prevailion found this RAT written in JavaScript, which dynamically compiles an accompanying keylogger written in C# and uses a DGA für C&C.

References
2022-04-26IBMMelissa Frydrych, Claire Zaboeva, David Bryant
@online{frydrych:20220426:hive0117:2ddea35, author = {Melissa Frydrych and Claire Zaboeva and David Bryant}, title = {{Hive0117 Continues Fileless Malware Delivery in Eastern Europe}}, date = {2022-04-26}, organization = {IBM}, url = {https://securityintelligence.com/posts/hive00117-fileless-malware-delivery-eastern-europe/}, language = {English}, urldate = {2022-05-04} } Hive0117 Continues Fileless Malware Delivery in Eastern Europe
DarkWatchman
2021-12-14PrevailionMatt Stafford, Sherman Smith
@online{stafford:20211214:darkwatchman:d60bc6c, author = {Matt Stafford and Sherman Smith}, title = {{DarkWatchman: A new evolution in fileless techniques}}, date = {2021-12-14}, organization = {Prevailion}, url = {https://www.prevailion.com/darkwatchman-new-fileness-techniques/}, language = {English}, urldate = {2021-12-23} } DarkWatchman: A new evolution in fileless techniques
DarkWatchman

There is no Yara-Signature yet.