Advanced Fileless Malware Campaign Targets Large Enterprises with Five Layers of Obfuscation

Fortra Intelligence and Research Experts (FIRE) have uncovered a highly sophisticated fileless malware campaign that uses five layers of obfuscation to evade email, endpoint, and memory-based defenses. The campaign is targeting large enterprises, with techniques that significantly increase attacker dwell time, complicates investigations.

Victims are at risk of credential theft, data exfiltration, and ransomware deployment, which could lead to operational disruption, regulatory exposure, reputational damage and more. Unlike typical fileless threats, this attack also leaves virtually no disk artifacts, with the loader fragmenting its payload across hundreds of environment variables, useing uncommon CJK character encoding, and reconstructing a .NET payload entirely in memory.

The full analysis can be found here: https://www.fortra.com/blog/5-layers-obfuscation-sophisticated-fileless-malware-campaign

Leave a Reply

Discover more from The IT Nerd

Subscribe now to keep reading and get access to the full archive.

Continue reading