large-logo-mcafee-dark

Threat Landscape Dashboard

Assessing today's threats and the relationships between them

Operation Himera and AbSent-Loader

An unknown threat actor leveraged the ongoing COVID-19 pandemic to lure unsuspecting users to open spear-phishing emails which contained malicious Microsoft Word attachments. Once opened by the victim, the multi-staged attack used a loader to install a second stage dropper which was used to confirm the system passes all anti-analysis scans. After passing the scan another file is downloaded from a remote location and creates a scheduled task for persistence.
Name Modified Date Sources
Operation Himera and AbSent-Loader 2020-06-19