SYMBOLCOMMON_NAMEaka. SYNONYMS
vbs.randomquery (Back to overview)

RandomQuery

Actor(s): Kimsuky

According to SentinelLabs, this is a VisualBasic-based malware that gathers system and file information and exfiltrates the data using InternetExplorer.Application or Microsoft.XMLHTTP objects.

References
2023-05-23Aleksandar Milenkoski
Kimsuky | Ongoing Campaign Using Tailored Reconnaissance Toolkit
RandomQuery

There is no Yara-Signature yet.