We've made more updates to vx-underground
- Old New Thing for December, 2023 added to archive
- 30,000 new samples courtesy of @virussign
Malware family updates:
- Mirai
- NetSupport
- GuLoader
- Formbook
- DDosia
- CrysisRansomware
- CustomerLoader
19 Jul 2023
We also unveiled the infrastructure of over 50 domains, used by a customer of the loader. The attacker used it to host:
- distribution websites
- redirection domains
- file hosting domains
- C2 servers
And used CustomerLoader to distribute Redline and a miner.
So, @sekoia_io published a generally very good article about this thing (they named it CustomerLoader): blog.sekoia.io/customerloade…

19 Jul 2023
Last week, we published a blog post about the new CustomerLoader malware used to distribute various payloads, including infostealers, RATs, other loaders and ransomware. We collected most of the next-stage payloads, decrypted them and analysed them ⬇️

12 Jul 2023
Our #TDR analysts just released their latest blogpost, it describes an investigation on a new #Loader named #CustomerLoader. The malware is used to deliver a variety of malware families. Downloaded payloads by the loader always use #dotRunpex injector. blog.sekoia.io/customerloade…
Sekoia researchers present a technical analysis of CustomerLoader, focusing on the decryption of the next-stage payloads, an overview of more than 30 known & distributed malware families, & details of 3 infection chains observed distributing the loader. blog.sekoia.io/customerloade…
It was a fun investigation to automate AES key and C2 URL recovering to determine #CustomerLoader distribution. Here is the #Python extractor, not the cleverest one but it does the job ¯\_(ツ)_/¯ gist.github.com/lbpierre/ad6…
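The automated AES-key and C2-URL recovery the post above describes, as an added example that is neither the gist's code nor Sekoia's. The blob layout it parses (a `CFG:` marker followed by a 16-byte AES-128 key, a 16-byte CTR nonce, a little-endian ciphertext length and the ciphertext) is invented for this illustration and is not CustomerLoader's real format, which this page does not describe; AES-128-CTR is likewise an assumption. AES is implemented inline (forward cipher only, which is all CTR needs) so the script runs on the standard library alone, and it carries the FIPS-197 known-answer test so a reader can confirm the inline cipher before trusting any decrypted output. The sample blob, key, nonce and config are constructed.

```python
# Toy config extractor (added example, not Sekoia's or the gist's code).
# Layout marker|key|nonce|len|ciphertext and AES-128-CTR are assumptions,
# not CustomerLoader's real format. AES is inline: stdlib only.
import json, re, struct

def _xtime(a):  # multiply by x in GF(2^8), AES polynomial 0x11b
    a <<= 1
    return (a ^ 0x1B) & 0xFF if a & 0x100 else a

def _build_sbox():  # S-box = multiplicative inverse followed by affine map
    rot = lambda x, s: ((x << s) | (x >> (8 - s))) & 0xFF
    sbox, p, q = [0] * 256, 1, 1
    while True:
        p = (p ^ (p << 1) ^ (0x1B if p & 0x80 else 0)) & 0xFF  # p *= 3
        q = (q ^ (q << 1)) & 0xFF                              # q /= 3
        q = (q ^ (q << 2)) & 0xFF
        q = (q ^ (q << 4)) & 0xFF
        if q & 0x80:
            q ^= 0x09
        sbox[p] = q ^ rot(q, 1) ^ rot(q, 2) ^ rot(q, 3) ^ rot(q, 4) ^ 0x63
        if p == 1:
            break
    sbox[0] = 0x63
    return sbox

SBOX = _build_sbox()

def _expand_key(key):  # AES-128 schedule: 11 round keys, column-major bytes
    w = [list(key[i:i + 4]) for i in range(0, 16, 4)]
    rcon = 1
    for i in range(4, 44):
        t = list(w[i - 1])
        if i % 4 == 0:
            t = [SBOX[b] for b in t[1:] + t[:1]]  # RotWord + SubWord
            t[0] ^= rcon
            rcon = _xtime(rcon)
        w.append([a ^ b for a, b in zip(w[i - 4], t)])
    return [sum(w[4 * r:4 * r + 4], []) for r in range(11)]

def _encrypt_block(rk, block):  # forward cipher; state index = column*4 + row
    s = [b ^ k for b, k in zip(block, rk[0])]
    for rnd in range(1, 11):
        s = [SBOX[b] for b in s]                                            # SubBytes
        s = [s[((c + r) % 4) * 4 + r] for c in range(4) for r in range(4)]  # ShiftRows
        if rnd < 10:                                                        # MixColumns
            m = []
            for c in range(4):
                a0, a1, a2, a3 = s[4 * c:4 * c + 4]
                m += [_xtime(a0) ^ _xtime(a1) ^ a1 ^ a2 ^ a3,
                      a0 ^ _xtime(a1) ^ _xtime(a2) ^ a2 ^ a3,
                      a0 ^ a1 ^ _xtime(a2) ^ _xtime(a3) ^ a3,
                      _xtime(a0) ^ a0 ^ a1 ^ a2 ^ _xtime(a3)]
            s = m
        s = [b ^ k for b, k in zip(s, rk[rnd])]                             # AddRoundKey
    return bytes(s)

def aes_self_test():  # FIPS-197 Appendix C.1 known-answer test
    ct = _encrypt_block(_expand_key(bytes(range(16))),
                        bytes.fromhex("00112233445566778899aabbccddeeff"))
    return ct.hex() == "69c4e0d86a7b0430d8cdb78070b4c55a"

def aes_ctr(key, nonce, data):  # CTR: one call both encrypts and decrypts
    rk, ctr, out = _expand_key(key), int.from_bytes(nonce, "big"), bytearray()
    for i in range(0, len(data), 16):
        ks = _encrypt_block(rk, ((ctr + i // 16) % (1 << 128)).to_bytes(16, "big"))
        out += bytes(a ^ b for a, b in zip(data[i:i + 16], ks))
    return bytes(out)

MARKER = b"CFG:"  # hypothetical delimiter preceding key | nonce | len | ciphertext

def build_sample(key, nonce, config):  # constructed stand-in for a loader binary
    ct = aes_ctr(key, nonce, json.dumps(config).encode())
    return (b"MZ" + b"\x90" * 40 + MARKER + key + nonce
            + struct.pack("<I", len(ct)) + ct + b"\x00" * 20)

def extract_config(blob):  # find key/nonce by pattern, decrypt, pull the C2 URL
    m = re.search(re.escape(MARKER) + rb"(.{16})(.{16})(.{4})", blob, re.DOTALL)
    if not m:
        return None
    key, nonce, (length,) = m.group(1), m.group(2), struct.unpack("<I", m.group(3))
    ct = blob[m.end():m.end() + length]
    if len(ct) != length:
        return None  # truncated sample
    try:
        cfg = json.loads(aes_ctr(key, nonce, ct))
    except ValueError:  # wrong key or layout: output is not UTF-8 JSON
        return None
    if not isinstance(cfg, dict):
        return None
    return {"key": key.hex(), "c2": cfg.get("c2"), "config": cfg}

# constructed sample values, not real CustomerLoader artefacts
SAMPLE_KEY = bytes.fromhex("000102030405060708090a0b0c0d0e0f")
SAMPLE_NONCE = bytes.fromhex("f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff")
SAMPLE_BLOB = build_sample(SAMPLE_KEY, SAMPLE_NONCE,
                           {"c2": "http://c2.example.invalid/gate.php", "next": "stage2.bin"})

if __name__ == "__main__":
    print("AES KAT:", "ok" if aes_self_test() else "FAIL")
    print(extract_config(SAMPLE_BLOB))
```

The point of the plausibility check at the end of `extract_config` is the one any bulk extractor needs: a wrong key or a slightly different sample layout still "decrypts" to bytes, so the script only reports a key and URL when the plaintext parses as the structure it expects, and returns `None` for truncated or mismatched samples rather than emitting garbage into a tracking pipeline.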
12 Jul 2023
We also assess that #CustomerLoader is certainly associated with a Loader-as-a-Service, which remains unknown at the time of writing. The loader delivered a variety of malware families, RAT (AsyncRAT, QuasarRAT), stealer (Redline, Formbook, Stealc), keylogger (Kraken)
SEKOIA Blog | CustomerLoader: a new malware distributing a wide variety of payloads stpmvt.com/3roQf4V
