2022-01-05

ZLoader

Level: Tactical | Source: CheckPoint
Cybersecurity

Research by Golan Cohen of CheckPoint Research identifies new activity involving the ZLoader malware. The malware uses compromised remote management software, Atera, for initial access. After the agent is installed, batch scripts are executed to set up persistence and modify Windows Defender properties. The malware attempts to remain stealthy by using many LOLBins (living-off-the-land binaries).

     
