GHOSTPULSE haunts victims using defense evasion bag o' tricks
released on 2023-10-30 @ 05:14:42 PM
Elastic Security Labs has observed a campaign to compromise users with signed MSIX application packages to gain initial access. The campaign leverages a stealthy loader we call GHOSTPULSE which decrypts and injects its final payload to evade detection.