SYMBOLCOMMON_NAMEaka. SYNONYMS
vbs.unidentified_002 (Back to overview)

Unidentified 002 (Operation Kremlin)


Unnamed malware. Delivered as remote template that drops a VBS file, which uses LOLBINs to crawl the disk and exfiltrate data zipped up via winrar.

References
2021-01-07ClearSkyClearSky Research Team
Operation ‘Kremlin’
Unidentified 002 (Operation Kremlin)

There is no Yara-Signature yet.