PoohMilk Loader

Description

(Palo Alto) Our analysis shows that PoohMilk is the first stage loader. After a successful exploitation, it sets persistence in the registry with the appropriate command line argument to execute the second stage payload, in this case, Freenki Loader.

Names

Name
PoohMilk Loader
PoohMilk

Type

Loader

Information

https://unit42.paloaltonetworks.com/unit42-freemilk-highly-targeted-spear-phishing-campaign/
http://blog.talosintelligence.com/2018/01/korea-in-crosshairs.html

Malpedia

https://malpedia.caad.fkie.fraunhofer.de/details/win.poohmilk

Alienvault Otx

https://otx.alienvault.com/browse/pulses?q=tag:poohmilk

Other Information

Uuid

bc01c3df-e07f-4d47-b0c6-dc9f7171dda1

Last Card Change

2020-05-14

Threat Intelligence Garden

Explorer

PoohMilk Loader

PoohMilk Loader

Description

Names

Category

Type

Information

Malpedia

Alienvault Otx

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks