One Article Review

Home - The article:
Source Fortinet ThreatSignal
Identifier 4790512
Publication date 2022-05-24 13:31:49 (seen: 2022-05-24 21:06:34)
Title New ArguePatch Variant Attacks Ukraine
Text FortiGuard Labs is aware of a report that a new variant of ArguePatch malware was used in an attack against Ukraine. This ArguePatch variant includes a feature to set up a scheduled task in order to perform a specific action at a specified time.

Why is this Significant?
This is significant because the new variant of ArguePatch malware now has a feature to perform a specific action at a specified time without setting up a scheduled task. This makes the malware stealthier, allowing it to stay under the radar until it actually starts to carry out a next-stage action.

What is ArguePatch?
ArguePatch is a loader malware that was previously used in campaigns against Ukraine which involve CaddyWiper and Industroyer2. The malware is a patched version of a legitimate component of Hex-Rays IDA Pro software.

FortiGuard Labs previously released Threat Signals on CaddyWiper and Industroyer2. See the Appendix for links to "Additional Wiper Malware Deployed in Ukraine #CaddyWiper" and "Industroyer2 Discovered Attacking Critical Ukrainian Verticals".

What is the Status of Coverage?
FortiGuard Labs provides the following AV coverage against known variants of ArguePatch:
W32/Agent.AECG!tr
W32/PossibleThreat
Sent Yes
Tags Malware Threat


The article does not appear to have been picked up after its publication.


The article does not appear to be a repost of an earlier one.