HTML smuggling surges: Highly evasive loader technique increasingly used in banking malware, targeted attacks - Microsoft Security Blog
Tags
Common Information
| Type | Value |
|---|---|
| UUID | f4f51f2c-456b-40a7-97bb-063c11e594f8 |
| Fingerprint | 200518393445ce4d |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Nov. 11, 2021, 9 a.m. |
| Added to db | Sept. 26, 2022, 9:34 a.m. |
| Last updated | Nov. 12, 2024, 11:53 a.m. |
| Headline | HTML smuggling surges: Highly evasive loader technique increasingly used in banking malware, targeted attacks |
| Title | HTML smuggling surges: Highly evasive loader technique increasingly used in banking malware, targeted attacks - Microsoft Security Blog |
| Detected Hints/Tags/Attributes | 90/3/12 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 1 | poocardy.net |
|
| Details | Domain | 1 | malparque.org |
|
| Details | File | 1 | malicious.docx |
|
| Details | File | 1 | safe.docx |
|
| Details | File | 1 | sptdintf.dll |
|
| Details | File | 1 | imgengine.dll |
|
| Details | File | 380 | notepad.exe |
|
| Details | Deprecated Microsoft Threat Actor Naming Taxonomy (Groups in development) | 2 | DEV-0238 |
|
| Details | Deprecated Microsoft Threat Actor Naming Taxonomy (Groups in development) | 2 | DEV-0253 |
|
| Details | Deprecated Microsoft Threat Actor Naming Taxonomy (Groups in development) | 16 | DEV-0193 |
|
| Details | Url | 1 | http://poocardy.net/diretorio |
|
| Details | Url | 1 | https://malparque.org/rest/restfuch.png |