Kimsuky_Bootservice_CHM_Dropper

YARA Rule

First Seen: 2026-04-11
Last Seen: 2026-04-11

1

Related Reports
0

Related IOCs

Related Reports

2026-04-11

Break Glass Intelligence

We Dumped a Live Kimsuky C2 and Recovered Every Stage of the Kill Chain: CHM Dropper, VBScript Stager, PowerShell Keylogger

#CHM #Kimsuky #T1518.001 #T1115 #T1566.001 #T1083 #T1041 #T1059.001 #T1053 #T1132.001 #T1059.005 #T1204.002 #T1036.005 #T1056.001 #T1071.001 #T1140 #T1057 #T1082

« Back

⚠ These IoCs were automatically extracted using regular expressions or an LLM and may include non-malicious data.