Blog | Endpoint Protection  ·  08. November 2021

Protection from Jennlog Loader

Jennlog Malicious Loader
© James Thew – stock.adobe.com

A malicious loader named Jennlog has recently been used by an Iranian threat actor called Agrius in a ransomware attack against a university in Israel.

The malware was written in .NET assembly language, and designed to target Windows® machines.

 

 

The loader hides its payload as a resource that initially appears to be a log file.

 

Instead, the resource contains  both the malicious payload (in this case, Orcus RAT) and the malware’s execution configuration. As an anti-analysis method, this loader checks for the presence of virtual machines (VMs) and sandboxes before unpacking its malicious payload, as this might indicate that it is being run on a researcher’s machine.

 

Jennlog loader: Operating System

Jennlog loader: Operating System

Risk & Impact

Jennlog Loader: Risk & Impact

 

To see how BlackBerry prevents Jennlog attacks from occurring, check out the following video:

 

Contact

Note: Please fill out the fields marked with an asterisk.

Source: https://bit.ly/blog-211108_source

 

Tags: BlackBerry, ISEC7, Mobility, Digital Workplace, Cybersecurity, Digital Transformation, Zero Trust, BlackBerry Spark Suites, Ransomeware, Jennlog

ISEC7 is member of the United Nations Global Compact, ecovadis GOLD rated and carbon neutral ( Learn more / Weitere Informationen )

ISEC7 GROUP AG,  ISEC7 GmbH and ISEC7 Inc.  are DIN ISO 9001  |  DIN ISO 14001  |  DIN ISO 27001 certified ( Learn more / Weitere Informationen )

Events & Trainings 2023/24

2023/24

Trainings 

16-17 Apr 24 Europ. Police Congress 2024 | Berlin

 

 

More info & all upcoming events ( DE / EN )




I S E C 7  G R O U P   -   N O R T H   A M E R I C A   |   E U R O P E   |   A S I A   P A C I F I C   -  INFO@ISEC7.COM