TicTacToe Dropper
released on 2024-02-16 @ 10:43:10 AM
Analysis of malware samples identified a grouping of malware droppers used to deliver various final-stage payloads in 2023. The droppers employ multiple stages of obfuscated payloads loaded reflectively. Final payloads include info-stealers and remote access trojans. Dropper exhibits anomalous behaviors like multi-stage extraction and reflective loading detectable by EDR.