Mjag dropper: Using decoy documents to drop RATs

Mjag dropper Mjag dropper is compiled in the Microsoft .NET framework, and its original binary is obfuscated using SmartAssembly. The installation path and other details are stored in encrypted form using AES encryption (Fig. 1), and the decryption key is hardcoded. Fig. 1: AES decryption function The payload and decoy ... Read More