
Medium
Campaign, LOLBin, Malware
Defense Evasion
Network, Windows
PureLog Stealer distributed via trojanized TaskScheduler targets Italy
A sophisticated phishing campaign targets the manufacturing and government sectors in Italy, Finland, and Saudi Arabia via a trojanized TaskScheduler loader. It abuses RegAsm.exe through process hollowing to deploy PureLog Stealer. Anomalous outbound network traffic from this .NET utility signals code injection and living-off-the-land evasion.



