silversurfer
A new malware downloader delivered via multiple campaigns uses detection evasion techniques and Microsoft SQL queries to drop malicious payloads onto compromised machines.
The malware, dubbed WhiteShadow by researchers at Proofpoint Threat Insight Team who found it, comes in the form of a set of Microsoft Office macros designed to work together to infect targets with a large array of malware strains it downloads from attacker-controlled Microsoft SQL Servers.
WhiteShadow is delivered via malspam emails containing malicious URLs or Microsoft Word and Microsoft Excel attachments that bundle the downloader's malicious Visual Basic macros, which will install the malware payloads after execution.
New WhiteShadow Downloader Uses MSSQL Servers for Malware Delivery
www.bleepingcomputer.com
New WhiteShadow downloader uses Microsoft SQL to retrieve malware | Proofpoint US
www.proofpoint.com
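
Added example (not from the quoted article or the Proofpoint report): a detection sketch for the behaviour described above, Word or Excel opening an outbound connection to a SQL Server outside the organisation. Assumptions: records use the field names of Sysmon Event ID 3 (network connection), TCP 1433 is the SQL Server default port (the post names no port), the internal ranges are placeholders, and the sample events are constructed.

```python
import ipaddress
import ntpath

# Office applications that run the VBA macros (the post names Word and Excel).
OFFICE_IMAGES = {"winword.exe", "excel.exe"}
# Assumption: default SQL Server port; the post does not state which port is used.
MSSQL_PORTS = {1433}
# Assumption: ranges treated as internal; replace with your own address plan.
INTERNAL_NETS = [ipaddress.ip_network(n)
                 for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample records shaped like Sysmon Event ID 3 fields.
SAMPLE_EVENTS = [
    {"Image": r"C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE",
     "DestinationIp": "203.0.113.25", "DestinationPort": 1433, "Initiated": True},
    {"Image": r"C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE",
     "DestinationIp": "10.20.0.5", "DestinationPort": 1433, "Initiated": True},
    {"Image": r"C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE",
     "DestinationIp": "198.51.100.7", "DestinationPort": 443, "Initiated": True},
    {"Image": r"C:\Tools\sqlcmd.exe",
     "DestinationIp": "203.0.113.25", "DestinationPort": 1433, "Initiated": True},
    {"Image": r"C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE",
     "DestinationIp": "198.51.100.7", "DestinationPort": 1433, "Initiated": True},
]


def is_internal(ip):
    """True when the address falls inside one of the configured internal ranges."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in INTERNAL_NETS)


def suspicious_office_sql(events):
    """Return (process, dest_ip, dest_port) for Office-initiated external MSSQL connections."""
    hits = []
    for ev in events:
        image = ntpath.basename(ev["Image"]).lower()  # ntpath parses Windows paths on any OS
        if (ev.get("Initiated")
                and image in OFFICE_IMAGES
                and ev["DestinationPort"] in MSSQL_PORTS
                and not is_internal(ev["DestinationIp"])):
            hits.append((image, ev["DestinationIp"], ev["DestinationPort"]))
    return hits


if __name__ == "__main__":
    for hit in suspicious_office_sql(SAMPLE_EVENTS):
        print("ALERT: %s -> %s:%d" % hit)
```

Excel data connections to internal SQL Servers are common, which is why internal destinations are excluded here rather than alerted on.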