SoranoLoader source released publicly [Download]

SoranoLoader is a malware loader, a type of malicious code that specializes in loading a second-stage malware payload onto a victim’s system. Unlike dropper malware, which downloads malicious files from a command-and-control server, loaders hide a malware payload inside the actual loader code.

The source code of SoranoLoader has been released on GitHub.

Additionally, one of the sites linked to SoranoLoader is still serving unwanted content.

Bunch of unwanted landing pages on projectsorano.xyz

References

https://www.virustotal.com/gui/ip-address/5.101.152.189/relations

https://otx.alienvault.com/pulse/5ed90302c47457409c1403e5
