This week, the SonicWall Capture Labs threat research team analyzed a sample of Marsilia malware, also known as Mallox. The sample is multi-stage: when functional, its first stage enumerates system information and creates persistence. The second stage is then downloaded and performs data extraction and encryption for ransomware purposes.
This is an article about a new Marsilia ransomware downloader. It discusses technical analysis of the downloader and SonicWall Capture Labs’ protection against it.
Highlights
- The article discusses technical analysis of a new Marsilia ransomware downloader.
- The downloader is a multi-stage sample that enumerates system information and creates persistence.
- It then downloads a second stage that performs data extraction and encryption.
- SonicWall Capture Labs provides protection against this threat.