ScreenConnect

ScreenConnect ConnectWise legitimate RMM tool abuse. invitedGuests.bat. BAT dropper + MSI installation.

Threat Profile
Type RAT
Programming LanguageProprietary
C2 ProtocolHTTPS
First Seen2024
Targets Küresel Kurumsal
Purpose / Capabilities
  • Remote Access (RMM Abuse)

C2 Servers 2

Address Port Protocol Status Action
hbdhfijnsgjnds.top
443 HTTPS INACTIVE
hbdhfijnsgjnds.top
443 HTTPS INACTIVE

⚠ C2 addresses are shared solely for threat intelligence and defensive purposes. Unauthorized access to these addresses constitutes a criminal offense.

Research Reports (2)

Medium

ScreenConnect Abuse -- invitedGuests.bat hbdhfijnsgjnds.top C2, Yasal RMM Aracı Kötüye Kullanımı | Orta

ScreenConnect 1KB invitedGuests.bat davet listesi. hbdhfijnsgjnds.top DGA C2. ConnectWise meşru RMM araç kötüye kullanim.

Read Report →
High

ScreenConnect/ConnectWise -- 1052 Byte invitedGuests.bat, hbdhfijnsgjnds.top .top C2 | Yüksek

ConnectWise RAT abuse 1052 byte. invitedGuests.bat admin.hbdhfijnsgjnds.top ScreenConnect.ClientSetup.msi indirme.

Read Report →