Intezer Analyze May Community Roundup

Written by Intezer


    Below are some of the threats our community detected this month.

    1. Fileless Dridex sample, originally with five detections in VirusTotal, contains a payload that unpacks itself as shellcode. Learn about Intezer Analyze’s NEW unpacking capabilities

    2. H2Miner, with only two out of 59 detections in VirusTotal, targets vulnerable SaltStack instances using CVE-2020-11651/2. Exploitation of SaltStack Vulnerabilities Signals Increase in Cloud Server Attacks

    3. Another H2Miner sample, also with two detections in VirusTotal, exploits vulnerabilities CVE-2020-11651/2.

    4. Fully undetected Linux LD-PRELOAD userland rootkit uploaded from the United States and Russia, hides SSH connections via hooking fopen on /dev/net/tcp and conceals itself via hooking readdir.
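
The LD-PRELOAD rootkit in item 4 works by being loaded into every dynamically linked process, so its presence leaves traces a defender can check: an entry in /etc/ld.so.preload, an LD_PRELOAD variable in a process environment, and a shared object mapped from an unusual or already-deleted path. The following Python is an added example written for this roundup, not Intezer's code and not derived from the sample in the post; it runs that triage over constructed copies of the three files, and the list of "unusual" directories is an assumption.

```python
"""Added example: triage indicators of an LD_PRELOAD userland rootkit from
constructed copies of /etc/ld.so.preload, /proc/<pid>/environ and /proc/<pid>/maps.
Illustrative detection logic only; not Intezer's code."""

import re

# Constructed sample inputs (not real artifacts from the roundup).
SAMPLE_LD_SO_PRELOAD = "# constructed sample\n/usr/lib/libhidden.so\n"

SAMPLE_ENVIRON = "HOME=/root\0LD_PRELOAD=/usr/lib/libhidden.so\0PATH=/usr/bin\0"

SAMPLE_MAPS = """\
55d3c1a00000-55d3c1a21000 r--p 00000000 08:01 1311 /usr/bin/bash
7f0c12000000-7f0c12022000 r--p 00000000 08:01 4120 /usr/lib/x86_64-linux-gnu/libc.so.6
7f0c12400000-7f0c12403000 r-xp 00000000 08:01 9981 /usr/lib/libhidden.so
7f0c12500000-7f0c12502000 r-xp 00000000 00:1a 77 /dev/shm/.x/libx.so (deleted)
7ffd3e000000-7ffd3e021000 rw-p 00000000 00:00 0 [stack]
"""

# Directories from which a legitimate shared object is rarely loaded (assumption).
UNUSUAL_DIRS = ("/tmp/", "/var/tmp/", "/dev/shm/", "/home/")
SO_RE = re.compile(r"\.so(\.\d+)*$")


def parse_preload(text):
    """Return shared objects listed in ld.so.preload (blank lines and comments skipped)."""
    return [line.strip() for line in text.splitlines()
            if line.strip() and not line.lstrip().startswith("#")]


def parse_environ(text):
    """/proc/<pid>/environ is a sequence of NUL-separated KEY=VALUE pairs."""
    env = {}
    for item in text.split("\0"):
        if "=" in item:
            key, value = item.split("=", 1)
            env[key] = value
    return env


def mapped_objects(text):
    """Yield (path, deleted) for each file-backed mapping that looks like a shared object."""
    seen = set()
    for line in text.splitlines():
        parts = line.split(None, 5)
        if len(parts) < 6 or parts[5].startswith("["):
            continue  # anonymous mapping or pseudo-path such as [stack]
        path, deleted = parts[5], False
        if path.endswith(" (deleted)"):
            path, deleted = path[: -len(" (deleted)")], True
        if SO_RE.search(path) and path not in seen:
            seen.add(path)
            yield path, deleted


def preload_indicators(preload_text, environ_text, maps_text):
    """Return a list of (reason, path) findings; an empty list means no indicator seen."""
    findings = []
    preloaded = set(parse_preload(preload_text))
    for path in sorted(preloaded):
        findings.append(("listed in /etc/ld.so.preload", path))
    env_preload = parse_environ(environ_text).get("LD_PRELOAD")
    if env_preload:
        # LD_PRELOAD accepts several objects separated by colons or spaces.
        for path in env_preload.replace(":", " ").split():
            findings.append(("LD_PRELOAD set in process environment", path))
            preloaded.add(path)
    for path, deleted in mapped_objects(maps_text):
        if path in preloaded:
            findings.append(("preloaded object mapped into process", path))
        if path.startswith(UNUSUAL_DIRS):
            findings.append(("shared object mapped from unusual directory", path))
        if deleted:
            findings.append(("mapped shared object deleted from disk", path))
    return findings


if __name__ == "__main__":
    for reason, path in preload_indicators(SAMPLE_LD_SO_PRELOAD, SAMPLE_ENVIRON, SAMPLE_MAPS):
        print(f"{reason}: {path}")
```

Because the rootkit hooks readdir and fopen inside the processes it is loaded into, a listing or file read performed from a compromised shell can be filtered; collecting /etc/ld.so.preload and the /proc entries from a statically linked tool or from a process the loader did not preload gives the checks above a trustworthy view.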

    5. Cross-platform wellmess Linux sample, written in Golang, has four detections in VirusTotal.

    6. Emotet sample, uploaded from Japan, has five out of 70 detections in VirusTotal. Automatic unpacking in Intezer Analyze reveals the payload shares code with an older Emotet variant. Search by hash fccc6f6e8b036fd9536649cfaef73b6e to analyze the older variant in Intezer Analyze. Try it Now

    Join the thousands of security professionals using the Intezer Analyze community edition to investigate suspicious files and devices. Sign up for free at

    Check out the new features on our YouTube channel:
    NEW Malware Family View
    NEW Unpack Evasive Payloads in Memory
    NEW Search by String
