Do You Speak Multiple Languages? Malware Does

In the past few months, a flurry of harmful spam campaigns with a financial theme have been distributing malware via batch scripts (.bat). To accomplish various goals along the infection chain, the campaigns use a wide range of programming languages, including batch scripts, PowerShell, Go, shellcode, and.NET. Simple batch scripts that use PowerShell to download a second stage of malware from the internet are the source of the infection.

To avoid detection, the malware is packed twice, including by ShellGo, a Go crypter that decrypts and runs shellcode in memory. The shellcode runs the payload in memory and gets around two Windows security measures by decrypting the payload. The popular remote access trojan (RAT), AsyncRAT, created in.NET, served as the payload in the campaign we examined below. Notably.

Do You Speak Multiple Languages? Malware Does

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

SRI LANKA

KUWAIT

USA | New York

UNITED KINGDOM | London

Address

Do You Speak Multiple Languages? Malware Does

10-Aug-23

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

SRI LANKA

KUWAIT

USA | New York

UNITED KINGDOM | London

Address