Warmcookie

WarmCookie 2023 backdoor. Invoice ZIP lure. Office JS API 3.7MB payload. JS obfuscation meaningful variable names. TA569.

Threat Profile
Type: Loader
Programming Language: JavaScript
C2 Protocol: HTTPS
First Seen: 2023
Targets: Global Enterprise
Purpose / Capabilities
  • Loader/Backdoor
No C2 servers have been identified for this family yet.

Research Reports (1)

Medium

WarmCookie -- Invoice 250288895_001.zip 3.7MB Obfuscated Office JS, _ust_be_20_Section Variable Names | Medium

WarmCookie 1.4MB invoice ZIP. 3.7MB JS extractor. Office.js API library. _ust_be_20_Section_ JS obfuscated variable. Invoice lure.
