← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Malvertising Campaign Leads to Execution of Oyster Backdoor | Rapid7 Blog
WHITE Armature_TIP 2025-02-22 Modified: 2025-03-24
30
IOCs
MEDIUM VOLUME
Find out more about Rapid7 Labs, the company behind the Take Command Summit, and its partnership with the Boston Bruins, which will be held in the US on 9 May 2017, at the same time.
managed detection and response (mdr)detection and responseemergent threat responseincident responsemicrosoft teamsrapid7python scriptlnk filedomaintemp directoryjsonhttp postfiledisplaynamevirustotalbroomstickfebruarytwittermalwarecodemaliciouspersistenceschtaskspowershellexecutionoyster maintestfull postdetectionresponseattackmetasploitcookie
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
Oyster Main
Indicators of Compromise (4 / 30 total)
All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 CVE URL domain
TYPEINDICATORDESCRIPTIONCREATED
FileHash-SHA256 574c70e84ecdad901385a1ebf38f2ee74c446034e97c33949b52f3a2fddcd822 2025-02-22
FileHash-SHA256 82b246d8e6ffba1abaffbd386470c45cef8383ad19394c7c0622c9e62128cb94 2025-02-22
FileHash-SHA256 9601f3921c2cd270b6da0ba265c06bae94fd7d4dc512e8cb82718eaa24accc43 2025-02-22
FileHash-SHA256 cfc2fe7236da1609b0db1b2981ca318bfd5fbbb65c945b5f26df26d9f948cbb4 2025-02-22
References (1)
↗ https://www.rapid7.com/blog/post/2024/06/17/malvertising-campaign-leads-to-execution-of-oyster-backdoor/