Source |
Team Cymru |
Identifiant |
1222896 |
Date de publication |
2019-07-25 13:48:01 (vue: 2019-07-25 16:01:22) |
Titre |
Unmasking AVE_MARIA |
Texte |
Key Findings AVE_MARIA is a Remote Administration Tool (RAT) offering marketed as WARZONE RAT on hacker forums and on the Web WARZONE RAT is only available as a one- or three-month subscription The same persona selling WARZONE RAT also promotes a free dynamic DNS service, warzonedns[.]com Introduction Several public reports[1][2] of a malware family often referred to as AVE_MARIA were made in January 2019. Yoroi, an Internet research company, says the malware sample analyzed for their report[2] contains “AVE_MARIA”, and uses that string as a “hello message” for the malware controller. Also, in a Twitter thread[3] about similar malware, a […] |
Envoyé |
Oui |
Condensat |
“hello 2019 about administration also analyzed available ave com company contains controller dns dynamic family findings forums free hacker internet introduction january key made malware maria maria” marketed message” month offering often one only persona promotes public rat referred remote report reports research same sample says selling service several similar string subscription thread three tool twitter unmasking uses warzone warzonedns web yoroi “ave |
Tags |
Malware
Tool
|
Stories |
|
Notes |
|
Move |
|