Malware using new Ezuri memory loader

January 7, 2021 | Ofer Caspi
Ofer Caspi

Ofer Caspi

Ofer is a Security Researcher at Alien Labs, part of the AT&T Cybersecurity. He can be found on LinkedIn and Twitter (@ShablolForce)

January 7, 2021 | Ofer Caspi

Malware using new Ezuri memory loader

This blog was written by Ofer Caspi and Fernando Martinez of AT&T Alien Labs Multiple threat actors have recently started using a Go language (Golang) tool to act as a packer and avoid Antivirus detection. Additionally, the Ezuri memory loader tool acts as a malware loader and executes its payload in memory, without writing the file to disk.…