Threat Advisories:
🎧 Hive Force Labs: Critical Threats Affecting You This Week - 5 Minute Audio Intelligence Report
👥 Play Count: Loading...

Threat Actors Using WerFault.exe to Deploy Pupy RAT

Threat Level – Red | Vulnerability Report
Download PDF

The Pupy RAT malware is using a technique called DLL side-loading to disguise itself as the legitimate WerFault.exe process in order to evade detection. The malware is delivered via an ISO image that contains a malicious DLL file, a shortcut file, and an Excel file. When the shortcut file is opened, it runs the WerFault.exe process, which then uses the DLL side-loading technique to load and execute the malicious DLL.

What’s new on HivePro

Get through updates and upcoming events, and more directly in your inbox