New WhiteShadow Downloader Uses MSSQL Servers for Malware Delivery

[silversurfer]

Content source

https://www.bleepingcomputer.com/news/security/new-whiteshadow-downloader-uses-mssql-servers-for-malware-delivery/

A new malware downloader delivered via multiple campaigns uses detection evasion techniques and Microsoft SQL queries to drop malicious payloads onto compromised machines.

The malware, dubbed WhiteShadow by researchers at Proofpoint Threat Insight Team who found it, comes in the form of a set of Microsoft Office macros designed to work together to infect targets with a large array of malware strains it downloads from attacker-controlled Microsoft SQL Servers.

WhiteShadow is delivered via malspam emails containing malicious URLs or Microsoft Word and Microsoft Excel attachments that bundle malicious the downloader's Visual Basic macros which will install the malware payloads after execution.

New WhiteShadow Downloader Uses MSSQL Servers for Malware Delivery

A new malware downloader delivered via multiple campaigns uses detection evasion techniques and Microsoft SQL queries to drop malicious payloads onto compromised machines.

www.bleepingcomputer.com

New WhiteShadow downloader uses Microsoft SQL to retrieve malware | Proofpoint US

New WhiteShadow downloader uses Microsoft SQL to retrieve malware

www.proofpoint.com