Distribution of Malware Under the Guise of MS Office Cracked Versions (XMRig, OrcusRAT, etc.)
Released on 2024-05-30 at 07:10:38 AM
The report analyzes a campaign in which threat actors distribute various malware strains, such as RATs, coinminers, and loaders, disguised as cracked versions of popular software. South Korean systems are heavily targeted; the malware persists via scheduled tasks and evades security products. The detailed technical analysis covers the attack flow, malware functionality, evasion tactics, and infrastructure used in the campaign.