2023-02-07 (Tuesday) - Amongst all the #Qakbot malspam, I ran across a #OneNote file pushing unidentified malware. IOCs, #pcap, malware/artifacts, and one of the emails pushing this malware are available at: https://www.malware-traffic-analysis.net/2023/02/07/index.html
There's a history of #Qakbot email distribution used to push other malware like #Matanbuchus (which I originally thought this was) last year and #Squirrelwaffle in September 2021.
But this appears to be a new malware family I haven't seen before.
#qakbot #onenote #pcap #Matanbuchus #SquirrelWaffle
Researchers warn of a new #malware campaign driven by "#Matanbuchus," a malware-as-a-service (MaaS) that spreads via #phishing campaigns and drops the #CobaltStrike post-exploitation framework on targeted machines.
https://thehackernews.com/2022/06/researchers-warn-of-matanbuchus-malware.html
#CyberSecurity #Hacking #InfoSec #cobaltstrike #Phishing #Matanbuchus #Malware