Wslink: Unique and undocumented malicious loader that runs as a server

There are no code, functionality or operational similarities to suggest that this is a tool from a known threat actor. ESET researchers have discovered a unique and previously undocumented loader for Windows binaries that, unlike other such loaders, runs as a server and executes received modules in memory. A loader is malicious code (a program) …

Turla: In and out of its unique Outlook backdoor

The latest ESET research offers a rare glimpse into the mechanics of a particularly stealthy and resilient backdoor that the Turla cyberespionage group can fully control via PDF files attached to emails. ESET researchers have investigated a distinctive backdoor used by the notorious Advanced Persistent Threat (APT) group known as Turla (or Snake, or Uroburos) to siphon …

OceanLotus ships new backdoor using old tricks

ESET researchers have dissected some of the latest additions to the malicious toolkit of the Advanced Persistent Threat (APT) group known as OceanLotus, also dubbed APT32 and APT-C-00. A prolific purveyor of malware, OceanLotus has its sights set on high-profile corporate and government targets in Southeast Asia, particularly in Vietnam, the Philippines, Laos, and Cambodia. …