November 14th, 2019 By Tara Seals
A lengthy, multi-stage infection process leads to a duo of payloads, bent on stealing data.
A newly discovered initial-stage malware dropper has been discovered sneaking by antivirus products, with the ultimate goal of delivering a double-pronged whammy of RevengeRAT and WSH RAT payloads onto targeted Windows machines.
A FortiGuard Labs team recently captured a sample file that had been flagged as suspicious, but which had a notably low detection rate in VirusTotal. After putting the code through manual analysis, it turns out that the file was designed to drop the duo of remote access trojans (RATs) via a multi-stage infection process.