Unit 42
Threat Actors Target Government of Belarus Using CMSTAR…
Unit 42 identifies phishing emails using CMSTAR Trojan to target members of the Belarusian government. …
Unit 42
(
Unit 42
Using IDAPython to Make Your Life Easier: Part 6
In Part 5 of our IDAPython blog series, we used IDAPython to extract embedded executables from malicious samples. For this sixth installment, I’d like to discuss using IDA in a very automated way. S …
Government
Digital Quartermaster Scenario Demonstrated in Attacks …
Unit 42 has collected multiple spear phishing emails, weaponized document files, and payloads that targeted various offices of the Mongolian government during the time period of August 2015 and Februa …
Unit 42
Cmstar Downloader: Lurid and Enfal’s New Cousin
In recent weeks, Unit 42 has been analyzing delivery documents used in spear-phishing attacks that drop a custom downloader used in cyber espionage attacks. This specific downloader, Cmstar, is associ …