logo

Threat Advisories Documents

IMPORTANT ANNOUNCEMENT: On May 6, 2024, Carbon Black User eXchange (UeX) and Case Management will move to a new platform!
The Community will be in read-only mode starting April 19th, 7:00 AM PDT. Check out the blog post!
You will still be able to use the case portal to create and interact with your support cases until the transition, view more information here!

TAU-TIN - GandCrab and Ursnif Campaign

TAU-TIN - GandCrab and Ursnif Campaign

Summary

The Carbon Black ThreatSight service discovered an ongoing campaign.  This campaign originally came in via phishing emails that contained an attached Word document with embedded macros, Carbon Black located roughly 180 variants in the wild.  The macro would call an encoded PowerShell script and then use a series of techniques to download and execute both a Ursnif and GandCrab variants.

The technical details of this campaign can be located in the external blog post. 

Labels (1)
Labels:
0 Kudos
Article Information
Author:
enardone
Creation Date:
‎03-05-2019
Views:
1192
logo

Copyright © 2005-2023 Broadcom. All Rights Reserved. The term “Broadcom” refers to Broadcom Inc. and/or its subsidiaries.