On April 8th, an interesting DLL was uploaded from Canada to VirusTotal. What makes it interesting is that the detections on VirusTotal are mostly heuristics and do not settle on a single family. The malware is also configured to beacon to an RFC1918 internal IP address, however, the name 816db8a1916201309d2a24b4a745305b.virus indicates it was picked up…

The post SuperCMD RAT appeared first on Speaking of Security – The RSA Blog.

Source: Security Bloggers Network @ May 3, 2017 at 12:37PM