LESLIELOADER

Description

(Kroll) The loader achieves its goal by decoding and decrypting a secondary payload binary, then injecting it into a notepad.exe instance. This injection allows the malware to blend with legitimate system activity as it shares the memory space of a legitimate application. Despite detection tools’ ability to mitigate process injections, they remain a common evasion tactic.

Names

Name
LESLIELOADER

Category

Tools

Type

  • Loader

Other Information

Uuid

532e4f3e-a52a-4e25-ba6e-c3d79e3d9ecd

Last Card Change

2024-08-27