Malware-summary

Sr.No	Malware Name	Malware Type	File Name	File Path
1	Shlayer	Downloader and dropper for MacOS malware.	Posing as a fake Adobe Flash updater.	Pattern <api.random_name.com>
2	CoinMiner	Cryptocurrency miner	Windows Management Instrumentation (WMI) and EternalBlue	Malspam or Dropped by other malware.
3	NanoCore	RAT spread via malspam	Download and Execute files, Visit Websites, and add registry keys for persistence.	Excel XLS spreadsheet
4	Agent Tesla	RAT spread	exfiltrate credentials, log keystrokes, and capture screenshots from an infected computer
5	ZeuS	modular banking trojan
6	Arechclient2/aka SectopRAT	.NET RAT	Profile victim systems, steal information such as browser and crypto-wallet data, and launch a hidden secondary desktop to control browser sessions. Additionally, it has several anti-VM and anti-emulator capabilities.
7	Delf	Delphi programming language	Backdoor or proxy functionality, stealing information, terminating antivirus applications, and mass mailing.	Dropped, malspam, or unintentional downloaded from a malicious website.
8	Mirai	botnet	Compromise Internet of Things (IoT) devices in order to conduct large-scale DDoS attacks.	Dropped after an exploit has allowed the attacker to gain access to a machine.
9	CryptoWall	ransomware	Upon successful infection, CryptoWall will scan the system for drive letters, network shares, and removable drives. a PowerShell-based backdoor allowing the attacker to obtain the system’s hostname and to run commands. Communicates through a DNS tunneling channel	Malspam with malicious ZIP attachments, Java vulnerabilities, and malicious advertisements
10	RedLine	infostealer	Targets information that can be easily monetized, such as credentials, cookies, banking information, and cryptocurrency wallet information. Additionally, the malware gathers information about the infected system such as web-browser, FTP clients, instant messengers, VPN services, and gaming clients. Furthermore, RedLine has remote functionality allowing it to download further malicious tools or drop additional malware.	Infostealer available for purchase on cyber-criminal forums.

1

Shlayer

Downloader and dropper for MacOS malware.

Posing as a fake Adobe Flash updater.

Pattern <api.random_name.com>

2

CoinMiner

Cryptocurrency miner

Windows Management Instrumentation (WMI) and EternalBlue

Malspam or Dropped by other malware.

3

NanoCore

RAT spread via malspam

Download and Execute files, Visit Websites, and add registry keys for persistence.

Excel XLS spreadsheet

4

Agent Tesla

RAT spread

exfiltrate credentials, log keystrokes, and capture screenshots from an infected computer

5

ZeuS

modular banking trojan

6

Arechclient2/aka SectopRAT

.NET RAT

Profile victim systems, steal information such as browser and crypto-wallet data, and launch a hidden secondary desktop to control browser sessions. Additionally, it has several anti-VM and anti-emulator capabilities.

7

Delf

Delphi programming language

Backdoor or proxy functionality, stealing information, terminating antivirus applications, and mass mailing.

Dropped, malspam, or unintentional downloaded from a malicious website.

8

Mirai

botnet

Compromise Internet of Things (IoT) devices in order to conduct large-scale DDoS attacks.

Dropped after an exploit has allowed the attacker to gain access to a machine.

9

CryptoWall

ransomware

Upon successful infection, CryptoWall will scan the system for drive letters, network shares, and removable drives. a PowerShell-based backdoor allowing the attacker to obtain the system’s hostname and to run commands. Communicates through a DNS tunneling channel

Malspam with malicious ZIP attachments, Java vulnerabilities, and malicious advertisements

10

RedLine

infostealer

Targets information that can be easily monetized, such as credentials, cookies, banking information, and cryptocurrency wallet information. Additionally, the malware gathers information about the infected system such as web-browser, FTP clients, instant messengers, VPN services, and gaming clients. Furthermore, RedLine has remote functionality allowing it to download further malicious tools or drop additional malware.

Infostealer available for purchase on cyber-criminal forums.

Top 10 Malware (Oct-2022)