[DNSPIONAGE] – Focus on internal actions


Recently, we had an incident response involving the DNSPIONAGE malware. At CERT-OPMD, we thought it would be interesting to share our observations. Mainly, we observed quite common actions and tools, as described in the infographic below. In this blog post, we will not describe and analyse the dropper again, because Talos did a great job here. Instead, we will focus, in a way, on what they could not...