Rancor: Rancor, a group based out of China and currently tracked by Palo Alto Networks’ Unit 42, is back again with new malware dubbed Dudell. It is believed that this malware was created and used most recently in attacks between December 2018 and January 2019 that targeted Cambodian government organizations. The sample found by Unit 42 shares similarities with other malware associated with Rancor that was used against other Southeast Asian governments. The downloader is disguised as a Microsoft Excel document, with the intent of running malicious macros and dropping second-stage malware payloads.
How does Binary Defense help protect your organization? With best-in-breed cybersecurity tactics, techniques, and services, we make sure that your environment is secure against the most advanced attacks.