← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
FINALDRAFT Malware Abuses Outlook for C2 Communications
WHITE Superpro 2025-02-17 Modified: 2025-03-19
72
IOCs
HIGH VOLUME
A newly discovered cyber espionage campaign has been linked to a threat group known as REF7707, which has been targeting government and academic institutions since November 2024. Researchers said the attackers infiltrated a foreign ministry in South America, along with a university and a telecom company in Southeast Asia, using advanced malware with remote access capabilities.
finaldraftref7707virustotalguidloadermicrosoftlabspathloadersoutheast asiawindowssecurity labsaugustpowershellsiestagraphmalwareagentpersistencehongfebruaryc:\\windows\\system32\\net1
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
C:\\Windows\\system32\\net1 PATHLOADER FINALDRAFT
Indicators of Compromise (2 / 72 total)
All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL domain hostname
TYPEINDICATORDESCRIPTIONCREATED
URL https://mrd0x.com/the-power-of-cdb-debugging-tool/ 2025-02-17
URL https://support.vmphere.com 2025-02-17
References (1)
↗ https://www.elastic.co/security-labs/fragile-web-ref7707