← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Malvertising Campaign Leads to Execution of Oyster Backdoor | Rapid7 Blog
WHITE Armature_TIP 2025-02-22 Modified: 2025-03-24
30
IOCs
MEDIUM VOLUME
Find out more about Rapid7 Labs, the company behind the Take Command Summit, and its partnership with the Boston Bruins, which will be held in the US on 9 May 2017, at the same time.
managed detection and response (mdr)detection and responseemergent threat responseincident responsemicrosoft teamsrapid7python scriptlnk filedomaintemp directoryjsonhttp postfiledisplaynamevirustotalbroomstickfebruarytwittermalwarecodemaliciouspersistenceschtaskspowershellexecutionoyster maintestfull postdetectionresponseattackmetasploitcookie
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
Oyster Main
Indicators of Compromise (7 / 30 total)
All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 CVE URL domain
TYPEINDICATORDESCRIPTIONCREATED
FileHash-MD5 3783c137efc90636f367351069121f41 MD5 of 574c70e84ecdad901385a1ebf38f2ee74c446034e97c33949b52f3a2fddcd822 2025-02-22
FileHash-MD5 7121d0e9fdd9fa23acfea6b4939c2a65 MD5 of 82b246d8e6ffba1abaffbd386470c45cef8383ad19394c7c0622c9e62128cb94 2025-02-22
FileHash-MD5 b48ab98dd6a5145a64a8eb318a04aa85 MD5 of cfc2fe7236da1609b0db1b2981ca318bfd5fbbb65c945b5f26df26d9f948cbb4 2025-02-22
FileHash-MD5 e0efcd15daaa87d864f56c803156ae43 MD5 of 9601f3921c2cd270b6da0ba265c06bae94fd7d4dc512e8cb82718eaa24accc43 2025-02-22
FileHash-MD5 08822f57c12416bc3e74997c473d1889 2025-02-22
FileHash-MD5 445c442696fa267686b6b6f6c6443444 2025-02-22
FileHash-MD5 445c442696fa76f696cecea6ce443444 2025-02-22
References (1)
↗ https://www.rapid7.com/blog/post/2024/06/17/malvertising-campaign-leads-to-execution-of-oyster-backdoor/