Report an incident
Customer Portal
← Back to Labs
← Volver a Labs
Medium
APT, LOLBin
Defense Evasion, Execution
EDR, Sysmon, Windows

Unveiling Earth Alux’s VARGEIT Backdoor: Leveraging Legitimate Debuggers for Cyber Espionage

Recently, the use of legitimate Windows debugging tool to load malicious code into memory has been observed. The APT Earth Alux uses it to load its VARGEIT backdoor, which is an advanced circumvention technique to establish an initial foothold on the target system.

Download PDF

labs correlati

RedSun: Turning Microsoft Defender into a Path to SYSTEM-Level Privilege Escalation
Medium
Bypass
Privilege Escalation
Sysmon, Windows

RedSun: Turning Microsoft Defender into a Path to SYSTEM-Level Privilege Escalation

Learn more
BlueHammer windows Zero-Day
Medium
Bypass
Privilege Escalation
EDR, Sysmon, Windows

BlueHammer windows Zero-Day

Learn more
Weaponizing Windows Toast Notifications Abuse of ToastNotify.exe for Phishing and Credential Coercion
Medium
Bypass
Defense Evasion
EDR, Sysmon, Windows

Weaponizing Windows Toast Notifications: Abuse of ToastNotify.exe for Phishing and Credential Coercion

Learn more
1 2 3 12

Contacts

Get in touch with us

Contact Us
Sorint.SEC
Via dell'Artigianato,
24046 Osio Sotto BG
Italy


+39 035 0510401
info@sec.sorint.it
Pages
Services
Certifications
chevron-right