Log in
E-mail
Password
Show password
Remember
Forgot password ?
Become a member for free
Sign up
Sign up
New member
Sign up for FREE
New customer
Discover our services
Settings
Settings
Dynamic quotes 
OFFON
  1. Homepage
  2. Equities
  3. Japan
  4. Japan Exchange
  5. Trend Micro Incorporated
  6. News
  7. Summary
    4704   JP3637300009

TREND MICRO INCORPORATED

(4704)
  Report
SummaryChartsNewsRatingsCalendarCompanyFinancialsConsensusRevisions 
SummaryMost relevantAll NewsOther languagesPress ReleasesOfficial PublicationsSector news

Trend Micro Incorporated : Water Basilisk Uses New HCrypt Variant to Flood Victims with RAT Payloads

09/21/2021 | 03:42am EDT

We encountered a fileless campaign that used a new HCrypt variant to distribute numerous remote access trojans (RATs) in victim systems. This new variant uses a newer obfuscation mechanism compared to what has been observed in past reports. It reached the peak of activity in the middle of August 2021.

HCrypt is a crypter and multistage generator that is considered difficult to detect. It is identified as a crypter-as-a-service, paid for by threat actors to load a RAT (or in this case RATs) of their choosing. The campaign also showed new obfuscation techniques and attack vectors, different from those that were observed in the past.

In this campaign, which we have labelled Water Basilisk, the attacker mostly used publicly available file hosting services such as "archive.org", "transfer.sh", and "discord.com", to host the malware while hacked WordPress websites were used to host phishing kits.

The malicious file is hidden as an ISO that is distributed through a phishing email or website. This file contains an obfuscated VBScript stager responsible for downloading and executing the next stage of the VBScript content onto the infected system memory.

The final stage is an obfuscated PowerShell script that contains the payloads and is responsible for deobfuscating and injecting them into the assigned process. In some cases, the final stage PowerShell script contained up to seven various RATs. These are typically NjRat, BitRat, Nanocore RAT, QuasarRat, LimeRat, and Warzone.

HCrypt version 7.8

In a nutshell, Water Basilisk's attack chain is a combination of the VBScript and PowerShell commands. HCrypt creates various obfuscated VBScripts and PowerShell to deliver or inject the final payload into a given process in a victim system. The latest version of this crypter is 7.8, based on what we have seen in its builder and website.

Disclaimer

Trend Micro Inc. published this content on 20 September 2021 and is solely responsible for the information contained therein. Distributed by Public, unedited and unaltered, on 21 September 2021 07:41:20 UTC.


© Publicnow 2021
All news about TREND MICRO INCORPORATED
08:12aTREND MICRO INCORPORATED : Tracking CVE-2021-26084 and Other Server-Based Vulnerability Ex..
PU
10/15TREND MICRO INCORPORATED : Security Risks with Private 5G in Manufacturing Companies Part...
PU
10/15TREND MICRO INCORPORATED : Ransomware Operators Found Using New "Franchise" Business Model
PU
10/15TREND MICRO INCORPORATED : This Week in Security News – October 15, 2021
PU
10/14TREND MICRO INCORPORATED : Analyzing Email Services Abused for Business Email Compromise
PU
10/14TREND MICRO INCORPORATED : Secure Manufacturing on Cloud, Edge and 5G (Download PDF)
PU
10/13TREND MICRO INCORPORATED : New Bill to Require Cyber Attack Reporting in the US
PU
10/13OCTOBER PATCH TUESDAY : 3 Critical Bulletins Among 71
PU
10/12TREND MICRO INCORPORATED : Minimize SecOps Risk with Less Tools and More Security
PU
10/12TREND MICRO INCORPORATED : Honda to Start Selling Smart Car Data
PU
More news
Financials
Sales 2021 186 B 1 631 M 1 631 M
Net income 2021 31 531 M 276 M 276 M
Net cash 2021 175 B 1 531 M 1 531 M
P/E ratio 2021 27,7x
Yield 2021 2,70%
Capitalization 871 B 7 632 M 7 623 M
EV / Sales 2021 3,73x
EV / Sales 2022 3,47x
Nbr of Employees 6 975
Free-Float 95,3%
Chart TREND MICRO INCORPORATED
Duration : Period :
Trend Micro Incorporated Technical Analysis Chart | MarketScreener
Full-screen chart
Technical analysis trends TREND MICRO INCORPORATED
Short TermMid-TermLong Term
TrendsNeutralBullishBullish
Income Statement Evolution
Consensus
Sell
Buy
Mean consensus HOLD
Number of Analysts 11
Last Close Price 6 280,00 JPY
Average target price 6 492,00 JPY
Spread / Average Target 3,38%
EPS Revisions
Managers and Directors
Yi Fen Chen President, Group CEO & Representative Director
Mahendra Negi Group CFO, Representative Director & VP
Ming Jang Chang Chairman
Max Cheng Chief Information Officer & Executive VP
Kevin Simzer Chief Operating Officer
Sector and Competitors
1st jan.Capi. (M$)
TREND MICRO INCORPORATED5.72%7 669
MICROSOFT CORPORATION36.77%2 283 977
SEA LIMITED78.10%195 739
ATLASSIAN CORPORATION PLC75.20%103 110
ZOOM VIDEO COMMUNICATIONS, INC.-21.05%79 131
DASSAULT SYSTÈMES SE38.73%70 312