Attacks by Gamaredon copycat target Russia

Intrusions by Gama Copy also closely resembled those of the advanced persistent threat operation Core Werewolf: both groups use 7-Zip self-extracting archive files to execute UltraVNC, port 443 for server connections, and the EnableDelayedExpansion command, according to an analysis from the Knownsec 404 Advanced Threat Intelligence team.

Article Link: Attacks by Gamaredon copycat target Russia | SC Media