November 30, 2023

A new malware campaign dubbed ObliqueRAT using malicious Microsoft Office documents to target government organizations in Southeast Asia , through a Email phishing campaign

The file name in the campaign is like one of Company-Terms.doc & DOT_JD_GM.doc“.if user opens the file it prompts for a password, once the file gets opened the below events will start processing

The malicious script then creates a shortcut in the Start-Up directory to achieve persistence if the machine is rebooted.

The second stage of the payload is ObliqueRAT which has various features & functions, the RAT communicates with the C&C server and then execute the commands.

The malware checks for the process named “Oblique” running on the infected machine, if already process is running then RAT will stop the execution.

Capabilities

  • Able to execute commands on the infected system
  • Exfiltrate files from the computer
  • An Attacker can drop additional files
  • Able to terminate any running process

Leave a Reply

Related Post

VPN ! Terms that comes infront .

April 22, 2020

Maze ! How this Creep gets the victim Mazed

April 19, 2020

You may have missed

BlueVoyant Acquires Conquest Cyber

November 30, 2023

Google Fixes Sixth Chrome ZeroDay of 2023

November 29, 2023

Ardent Health Services affected by a cyber incident

November 29, 2023

GE and DARPA – Claimed Hack raises concerns

November 28, 2023

POC released for Splunk Enterprise Vulnerability- CVE-2023-46214

November 28, 2023

AWS Detective adds new Capabilities

November 27, 2023
%d bloggers like this: