2020-04-06 Qealler RAT Malspam

Meta ===== From: Bharti Ladwa Subject: EFT Supplier Number: 0003697 Link in the email: hxxps://jfreecss.co.uk/ Malware type: Qealler ———————- Basically this is a Java RAT. Below are some additional resources that explain how this type of malware works. https://www.zscaler.com/blogs/research/qealler-new-jar-based-information-stealer https://securityboulevard.com/2019/10/hiding-in-plain-sight-new-adwind-jrat-variant-uses-normal-java-commands-to-mask-its-behavior/ https://www.securityinbits.com/malware-analysis/pyrogenic-infostealer-static-analysis-part-0x1/ Earlier today I came across a phishing email that…

Continue reading