Meterpreter
Detected as Win32.Packed.Generic (ReversingLabs).
C2 Infrastructure
Hosting/VPS: 89%
ISP/Residential: 11%
Last 7 days
| Date | C2 Hosts |
|---|---|
| Apr 14, 2026 | 2 |
| Apr 13, 2026 | 2 |
| Apr 12, 2026 | 2 |
| Apr 11, 2026 | 2 |
| Apr 10, 2026 | 3 |
| Apr 8, 2026 | 2 |
Further Reading
CUBA Ransomware Campaign Analysis — Elastic Security Labs
Elastic Security observed a ransomware and extortion campaign leveraging a combination of offensive security tools, LOLBAS, and exploits to deliver the CUBA ransomware malware.
elastic.co
Operation BarrelFire: NoisyBear Targets Kazakhstan Oil & Gas
Seqrite Labs uncovers Operation BarrelFire by NoisyBear, a cyber-espionage campaign targeting Kazakhstan’s oil & gas sector through phishing and malware.
seqrite.com
How Cybercriminals Abuse Cloud Tunneling Services | Trend Micro (US)
Our research examines how cloud tunneling services work and how organizations can thwart threats that abuse them.
trendmicro.com
Russia’s Fancy Bear Hackers Likely Penetrated a US Federal Agency
New clues indicate that APT28 may be behind a mysterious intrusion that US officials disclosed last week.
wired.com