- Apr 21, 2016
Security company Cylance recently discovered such a sample after one of its prevention products quarantined a threat in the System32 directory on a customer's endpoint.
"The location of the file, the recent compile date, and the lack of similar files on known malware repositories combined to flag this sample as something we should take a deeper look at."
The sample, it seems, performs a straight call back to a Korean IP address. Once the malware connected to a fake server, researchers were able to view an HTTP POST over port 443. "The entire HTTP header is hardcoded as a single string and only the POST data changes. After the POST and la...
Read more: Fresh Malware with No Known Family Discovered in Targeted Attack
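The two traits the article calls out, a plaintext HTTP POST on the TLS port and a header block that never changes between beacons, are the kind of thing an analyst checks for once a fake C2 server has captured a few requests. The following is an added example, not code from the article, Cylance, or the sample itself: the captures are constructed (hypothetical host 203.0.113.10, path /index.php, bodies and lengths all made up), and the checks are generic heuristics over any set of captured HTTP/1.x requests.

```python
"""Heuristics over HTTP requests captured by a fake C2 sink.

All captures below are constructed for illustration; they are not the
traffic Cylance observed. The sink is assumed to have logged the raw
bytes of each connection to TCP/443.
"""
from typing import Optional

# Constructed captures: identical header block, only the POST body changes.
# Note the hardcoded Content-Length, which forces every body to 16 bytes.
CAPTURES = [
    b"POST /index.php HTTP/1.1\r\nHost: 203.0.113.10\r\n"
    b"User-Agent: Mozilla/4.0\r\nContent-Type: application/x-www-form-urlencoded\r\n"
    b"Content-Length: 16\r\n\r\nid=0001&cmd=idle",
    b"POST /index.php HTTP/1.1\r\nHost: 203.0.113.10\r\n"
    b"User-Agent: Mozilla/4.0\r\nContent-Type: application/x-www-form-urlencoded\r\n"
    b"Content-Length: 16\r\n\r\nid=0002&cmd=idle",
    b"POST /index.php HTTP/1.1\r\nHost: 203.0.113.10\r\n"
    b"User-Agent: Mozilla/4.0\r\nContent-Type: application/x-www-form-urlencoded\r\n"
    b"Content-Length: 16\r\n\r\nid=0003&cmd=exec",
]

METHODS = {b"GET", b"POST", b"HEAD", b"PUT"}


def split_request(raw: bytes) -> tuple[bytes, bytes]:
    """Split a raw HTTP/1.x request into (header block, body) at the first CRLFCRLF."""
    sep = raw.find(b"\r\n\r\n")
    if sep < 0:
        raise ValueError("no end of headers found")
    return raw[: sep + 4], raw[sep + 4 :]


def is_plaintext_http(raw: bytes) -> bool:
    """True if the payload begins with an HTTP request line rather than a TLS record."""
    request_line = raw.split(b"\r\n", 1)[0]
    parts = request_line.split(b" ")
    return len(parts) == 3 and parts[0] in METHODS and parts[2].startswith(b"HTTP/1.")


def declared_length(header: bytes) -> Optional[int]:
    """Content-Length from the header block, or None if absent/malformed."""
    for line in header.split(b"\r\n"):
        name, _, value = line.partition(b":")
        if name.strip().lower() == b"content-length":
            try:
                return int(value.strip())
            except ValueError:
                return None
    return None


def shared_header(captures: list[bytes]) -> Optional[bytes]:
    """The header block if every capture uses the same one (i.e. hardcoded), else None."""
    headers = {split_request(c)[0] for c in captures}
    return headers.pop() if len(headers) == 1 else None


def variable_body_offsets(captures: list[bytes]) -> list[int]:
    """Byte offsets at which the POST bodies differ between captures."""
    bodies = [split_request(c)[1] for c in captures]
    width = max(len(b) for b in bodies)
    # b[i:i+1] is b"" past the end of a shorter body, so length differences count too.
    return [i for i in range(width) if len({b[i : i + 1] for b in bodies}) > 1]


def beacon_report(captures: list[bytes], dst_port: int) -> dict:
    """Summarise the traits an analyst would note about a set of beacons."""
    header = shared_header(captures)
    length_ok = all(
        declared_length(h) == len(b)
        for h, b in (split_request(c) for c in captures)
    )
    return {
        "plaintext_on_tls_port": dst_port == 443 and all(is_plaintext_http(c) for c in captures),
        "header_hardcoded": header is not None,
        "content_length_consistent": length_ok,
        "variable_body_offsets": variable_body_offsets(captures),
    }


if __name__ == "__main__":
    print(beacon_report(CAPTURES, 443))
```

A real implant whose Content-Length is baked into the header string can only send fixed-size bodies (or a length that does not match), so `content_length_consistent` turning False across captures is another sign that the header is a literal rather than something a proper HTTP library generated.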