Copyright Lures Mask a Multi‑Stage PureLog Stealer Attack on Key Industries A targeted, multi‑stage campaign delivers PureLog Stealer using localized phishing lures and an evasive, encrypted delivery chain that extracts and executes payloads entirely in memory. The attack employs fileless techniques including a Python loader, dual .NET loaders, AMSI bypass, remote key retrieval, and C2 exfiltration, impacting organizations running Windows in healthcare,...

A multi-stage PureLog Stealer campaign targets key industries using localized copyright phishing lures and fileless execution via Python and .NET loaders on Windows systems, with AMSI bypass and memory-only payloads. #PureLog #FilelessAttack

PureLog Stealer Targets Key Industries

~Trendmicro~
A multi-stage PureLog Stealer campaign uses localized copyright lures and fileless execution to target critical sectors.
-
IOCs: 166. 0. 184. 127, quickdocshare. com, logs. bestshopingday. com
-
#Infostealer #PureLog #ThreatIntel