Malicious ISO File Leads To Quantum Ransomware Infection
A spam campaign was discovered using IcedID contained within an ISO image to drop variants from the Quantum ransomware family.
Multiple Windows utilities such as net nltest and ipconfig were used for reconnaissance while Atera Splashtop and a Cobalt Strike beacon were used for persistence.
Additional tools including ProcDump PowerShell Mimikatz and Rclone were used to collect and exfiltrate sensitive information.
Featured Resources
View More Resources
Demo
From Vulnerability to Validation
See how Cymulate connects vulnerabilities to real attack scenarios to validate what’s actually exploitable.
Demo
Threat Validation Demo
See how Cymulate helps security teams quickly validate protection against new threats and get answers in minutes
Demo
From Control Validation to Exposure Validation
See how security teams move from control validation to true exposure validation using real-world attack scenarios