The sample has been identified as being associated with the 'Virlock' family of malware. The sample targets Win32 platforms. The sample is categorized as 'ransomware'. The sample was first seen in the wild on 2019-03-10.
The sample has been identified as being associated with the 'ChewBacca' family of malware. The sample targets Win32 platforms. The sample is categorized as 'retail'. The sample was first seen in the wild on 2019-05-06.
The sample has been identified as being associated with the 'CosmicDuke' family of malware. The sample targets Win32 platforms. The sample is categorized as 'apt'. The sample was first seen in the wild on 2022-07-06.
The sample has been identified as being associated with the 'Sakurel' family of malware. The sample targets Win32 platforms. The sample is categorized as 'apt'. The sample was first seen in the wild on 2022-01-02.
The sample has been identified as being associated with the 'Crypmodadv' family of malware. The sample targets Win32 platforms. The sample is categorized as 'ransomware'. The sample was first seen in the wild on 2021-07-28.
The sample has been identified as being associated with the 'Tinba' family of malware. The sample targets Win32 platforms. The sample is categorized as 'financial'. The sample was first seen in the wild on 2018-06-19.
The sample has been identified as being associated with the 'SmsAgent' family of malware. The sample targets Android platforms. The sample is categorized as 'financial'. The sample was first seen in the wild on 2019-06-11.
The sample has been identified as being associated with the 'Sakurel' family of malware. The sample targets Win32 platforms. The sample is categorized as 'apt'. The sample was first seen in the wild on 2019-08-09.
The sample has been identified as being associated with the 'Virlock' family of malware. The sample targets Win32 platforms. The sample is categorized as 'ransomware'. The sample was first seen in the wild on 2019-10-06.
The sample has been identified as being associated with the 'Banload' family of malware. The sample targets Win32 platforms. The sample is categorized as 'financial'. The sample was first seen in the wild on 2019-12-13.
The sample has been identified as being associated with the 'Gandcrab' family of malware. The sample targets Win32 platforms. The sample is categorized as 'ransomware'. The sample was first seen in the wild on 2020-02-12.
The sample has been identified as being associated with the 'Lockscreen' family of malware. The sample targets Android platforms. The sample is categorized as 'ransomware'. The sample was first seen in the wild on 2018-07-17.
The sample has been identified as being associated with the 'Virlock' family of malware. The sample targets Win32 platforms. The sample is categorized as 'ransomware'. The sample was first seen in the wild on 2018-09-15.
The sample has been identified as being associated with the 'ZeGhost' family of malware. The sample targets Win32 platforms. The sample is categorized as 'apt'. The sample was first seen in the wild on 2018-12-12.
CVSS: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
This strike exploits a command injection vulnerability in Zyxel Firewall. The vulnerability is due to improper input validation in the CGI component. A remote, unauthenticated attacker could exploit this by sending a maliciously crafted request to the CGI component. A successful attack may result in remote code execution in the security context of the nobody user.
CVSS: 4.6 (AV:L/AC:L/Au:N/C:P/I:P/A:P)
This strike exploits a buffer overflow vulnerability in MySQL when creating user-defined functions. The vulnerability is caused by improper boundary handling when processing CREATE FUNCTION statements. A remote, authenticated attacker with certain privileges on the MySQL server can exploit the vulnerability to cause denial of service or execute arbitrary code with MySQL privileges.
The sample has been identified as being associated with the 'CosmicDuke' family of malware. The sample targets Win32 platforms. The sample is categorized as 'apt'. The sample was first seen in the wild on 2022-06-27.
This strike sends a malware sample known as Jaik. Jaik is a botnet that communicates with external domains, injects code into other processes, and can perform DDoS attacks and generic credential harvesting.
This strike sends a malware sample known as Swisyn. Swisyn is a loader that installs malicious software on the system, including remote access tool functionality, allowing the controller to perform any malicious action.
The sample has been identified as being associated with the 'Zeus' family of malware. The sample targets Win32 platforms. The sample is categorized as 'financial'. The sample was first seen in the wild on 2023-05-28.