Now You See Me, Now You Don’t: Using LLMs to Obfuscate Malicious JavaScript
Tags
country: | Japan |
maec-delivery-vectors: | Watering Hole |
attack-pattern: | Data Model Models Credentials - T1589.001 Javascript - T1059.007 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Tool - T1588.002 Scripting - T1064 Scripting |
Common Information
Type | Value |
---|---|
UUID | 63a4f164-31d6-4a86-a971-b030eceb8cac |
Fingerprint | a40109090d1e3eea |
Analysis status | DONE |
Considered CTI value | 2 |
Text language | |
Published | Dec. 17, 2024, 11 p.m. |
Added to db | Dec. 21, 2024, 3:43 a.m. |
Last updated | Dec. 24, 2024, 7:54 a.m. |
Headline | Now You See Me, Now You Don’t: Using LLMs to Obfuscate Malicious JavaScript |
Title | Now You See Me, Now You Don’t: Using LLMs to Obfuscate Malicious JavaScript |
Detected Hints/Tags/Attributes | 53/3/12 |
Source URLs
URL Provider
RSS Feed
Details | Id | Enabled | Feed title | Url | Added to db |
---|---|---|---|---|---|
Details | 120 | ✔ | Unit 42 | https://feeds.feedburner.com/Unit42 | 2024-08-30 22:08 |
Attributes
Details | Type | #Events | CTI | Value |
---|---|---|---|---|
Details | Domain | 1 | gantep.edu.tr |
|
Details | Domain | 28 | obfuscator.io |
|
Details | Domain | 1 | bafkreihpvn2wkpofobf4ctonbmzty24fr73fzf4jbyiydn3qvke55kywdi.ipfs.dweb.link |
|
Details | Domain | 1 | jakang.freewebhostmost.com |
|
Details | Domain | 10 | nocodeform.io |
|
Details | Domain | 77 | ipfs.io |
|
Details | Domain | 1 | dub.sh |
|
Details | File | 12 | app.html |
|
Details | sha256 | 1 | 03d3e9c54028780d2ff15c654d7a7e70973453d2fae8bdeebf5d9dbb10ff2eab |
|
Details | sha256 | 1 | 4f1eb707f863265403152a7159f805b5557131c568353b48c013cad9ffb5ae5f |
|
Details | sha256 | 1 | 3f0b95f96a8f28631eb9ce6d0f40b47220b44f4892e171ede78ba78bd9e293ef |
|
Details | Url | 1 | http://gantep.edu.tr |