Tuesday, December 7, 2021

Case Study: From BazarLoader to Network Reconnaissance

This post is also available in: 日本語 (Japanese)

Executive Summary

BazarLoader is Windows-based malware spread through various methods involving email. These infections provide backdoor access that criminals use to determine whether the host is part of an Active Directory (AD) environment. If so, criminals deploy Cobalt Strike and perform reconnaissance to map the network. If the results indicate a high-value target, criminals attempt lateral movement and will often deploy ransomware like Conti …

Read More

Latest news
Related news