VileRAT malware analysis

L

likeastar20

Level 8
Thread author
Verified
Mar 24, 2016
374
@struppigel

Remember the Nulloy zero-day malware I posted on MalwareTips on behalf of @SkeletalDemise? Turns out it was a RAT, created by an APT group. Someone wrote an article(analysis) about it and even linked the forum post.

Technical analysis: The silent torrent of VileRAT — Stairwell


Origina thread:
malwaretips.com

Question - Steamunlocked malware?

This Nulloy folder is dropped by another .exe as far as i know. Recently, I've seen some people get infected by this Nulloy malware. The original file seems to come from a steamunlocked redirect(not the actual downloded cracked game). BITRJLW.tmp & NvStTest.exe seem interesting. Asking...
malwaretips.com malwaretips.com


Basically, we were the first ones to find it, and @SkeletalDemise helped someone get it removed.
 
  • Applause
  • Like
  • +Reputation
Reactions: simmerskool, Kongo, Gandalf_The_Grey and 4 others
Sandbox Breaker

Sandbox Breaker

Level 9
Verified
Well-known
Jan 6, 2022
443
malwaretips.com

Malware Analysis - Possible Supply Chain on Ooma

One of my clients had an edr alerts from Ooma Office. After investigation we believe it's a part of an early Supply Chain attack. The process was Dormant until after 5pm business hours when it started spawning lolbins and doing discovery actions. Vt says 2 engines. Their main installer is...
malwaretips.com malwaretips.com

I doubt that anyone would link here because they want the fame. This is an example here...if ooma is breached it was mentioned here also. We are the tip of the spear my fellow analysts!
 
  • Applause
Reactions: simmerskool
Dweyscomet

Dweyscomet

New Member
Apr 7, 2024
3
Dweyscomet said:
Oh, VileRAT, quite the notorious piece of code, huh? Analyzing it can be like untangling a web of secrets.
Click to expand...
I stumbled upon this fascinating discussion over at guidedhacking.com that shed some light on its inner workings. It's like having a backstage pass to the malware world. Really helped me wrap my head around some of its tactics.
 

Similar threads

L
    • Like
    • +Reputation
    • Thanks
Question Steamunlocked malware?
Replies
41
Views
4,364
Malware Analysis
struppigel
struppigel
struppigel
    • +Reputation
    • Like
    • Applause
  • Locked
  • Sticky
By Staff Malware Analysis Forum Rules
Replies
0
Views
878
Malware Analysis
struppigel
struppigel
silversurfer
    • +Reputation
    • Like
Malware News New BIFROSE Linux Malware Variant Using Deceptive VMware Domain for Evasion
Replies
0
Views
1,247
Security News
silversurfer
silversurfer

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top