Mirrors/cert-orangecyberdefense-cti
1
0
Fork 0
mirror of https://github.com/cert-orangecyberdefense/cti synced 2026-06-10 23:41:19 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update sources

Browse Source
This commit is contained in:
CERT Orange Cyberdefense
2026-05-05 12:23:49 +02:00
committed by GitHub
parent afdade9fab
commit b02e3b1e9b
1 changed files with 15 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
STX-RAT/20260505_stx-rat_campaigns.md
+15 -1
View File
@@ -28,6 +28,20 @@ Notably, credential theft is only activated after successful C2 interaction.
6/ Bottom line: different lures, similar staging, same malware outcome. 6/ Bottom line: different lures, similar staging, same malware outcome.
7/ We published a full advisory for our customers on the infection chain, overlaps, and malware analysis. Related IoCs are also available in this public GitHub repository. 7/ We published a full advisory for our customers on the infection chain, overlaps, and malware analysis. Related IoCs are also available in this public GitHub repository.
Sources:
eSentire: https://www.esentire.com/blog/stx-rat-a-new-rat-in-2026-with-infostealer-capabilities
Alyac: https://blog.alyac.co.kr/5738
Other STX RAT campaigns:
CPUID: https://x.com/d0cTB/status/2042520961824559150
Kaspersky: https://securelist.com/tr/cpu-z/119365/