Proofpoint researchers recently discovered a new downloader malware in a fairly large campaign (millions of messages) primarily targeting financial institutions. The malware, dubbed “Marap” (“param” backwards), is notable for its focused functionality that includes the ability to download other modules and payloads. The modular nature allows actors to add new capabilities as they become available or download additional modules post infection. To date, we have observed it download a system fingerprinting module that performs simple reconnaissance.
Leave a Comment
You must be logged in to post a comment.