IDP Signatures
79343 MALWARE.PIKABOT.INFECTION.WITH.MEDUZA.STEALER.B
Signature Id | 79343 |
Name | MALWARE.PIKABOT.INFECTION.WITH.MEDUZA.STEALER.B |
Group | IPS MALWARE GENERAL |
Issued | 2024-04-25 |
Last Updated | 2024-04-25 |
Description | This malware spreads via email attachments containing an ISO image. When the image is opened, a copy of write.exe side-loads a malicious DLL named edputil.dll. This DLL then retrieves and executes the Pikabot DLL, which connects to its Command and Control (C2) server. Subsequently, the malware initiates Meduza Stealer activity. |