Threat Landscape Dashboard

Assessing today's threats and the relationships between them


The United States government released a Malware Analysis Report (MAR) with details about the malware variant BLINDINGCAN. The malicious software has been attributed to the HIDDEN COBRA threat group. A DLL labeled "iconcache.db" is dropped into the %ALLUSERSPROFILE% directory on the infected system, which in turn installs the remote access trojan. The malware exfiltrates a range of sensitive information, including the operating system version, processor information, system name, and local network details.
Name Modified Date Sources
BLINDINGCAN 2020-08-19