Technical Report

Cylance® threat researchers and incident response specialists recently uncovered new malware and tactics employed by OceanLotus Group. The use of exploit kits and one-line PowerShell commands allows this malware to conduct fileless attacks from memory, with no on-disk footprint.

Access Cylance's report to review in-depth technical analysis of the malware, C2 protocols, TTPs, and observations on the use of sophisticated backdoors, obfuscated CobaltStrike Beacon payloads, and PE/shellcode loaders from various exploit kits.
