Unmasking Xworm Payload Execution Path through Jailbreaking a Malicious JScript Loader

Unmasking Xworm Payload Execution Path through Jailbreaking a Malicious JScript Loader

Security researchers are analyzing a sophisticated malware delivery mechanism that uses a JScript loader to deploy different payloads based on the victim’s geographic location. This loader initiates a complex chain involving obfuscated PowerShell scripts, ultimately executing potent malware like the XWorm Remote Access Trojan (RAT) or the Rhadamanthys information stealer.

Source: GBHackers

Date:

15 April 2025

Categorie(s):

Tag(s):

Chain, Cyber Attack, Cyber Security News, Execution, Path

159 CVEs Exploited in the Wild in Q1 2025, 8.3% Targeted Within 1-Day Vulnerabilities Exploited25 April 2025
Hackers Claim TikTok Breach, Leak Over 900,000 Usernames and Passwords25 April 2025
Detectify Asset Classification and Scan Recommendations improves vulnerability testing25 April 2025
Modern Disaster Recovery Explained: From Edge to AI Automation25 April 2025
Rubrik Identity Resilience protects vulnerable authentication infrastructure25 April 2025