SambaCry creators developed new malware

The hacker group that created the recently publicized Linux malware SambaCry has allegedly created a Windows malware named CowerSnail. Kaspersky researchers based this assumption on the fact that both malware families used common command and control (C&C) infrastructure. After installation, the malware escalates its privileges and then starts communicating with the C&C server.

Unlike SambaCry, CowerSnail does not download cryptocurrency mining software by default. Instead, it works as a backdoor capable of executing commands and payloads, stealing information, and uninstalling itself.

VT link for the payload:

https://www.virustotal.com/en/file/3fb8a4d2ed4f662a4cb4270bb5f488b79c8758aa6fc5c8b119c78fba38d6b7d1/analysis/

Reference:

Securelist (Kaspersky Lab): https://securelist.com/sambacry-is-coming/78674/
