    Malware Analysis Report (AR19-304A)

    November 1st, 2019 by

    MAR-10135536-8 – North Korean Trojan: HOPLIGHT

    “This artifact is a malicious 32-bit Windows executable. When executed the malware will collect system information about the victim machine including OS Version, Volume Information, and System Time, as well as enumerate the system drives and partitions.

    The malware is capable of the following functions:

    —Begin Malware Capability—

    Read, Write, and Move Files
    Enumerate System Drives
    Create and Terminate Processes
    Inject into Running Processes
    Create, Start and Stop Services
    Modify Registry Settings
    Connect to a Remote Host
    Upload and Download Files”
