Tangerine Turkey Malware Analysis & Yara Rule

4 months ago 175

New technical analysis of Tangerine Turkey - a sophisticated cryptomining operation spreading via USB and abusing Windows LOLBins.

Key Findings:

  • USB VBS dropper with worm capabilities
  • LOLBin abuse (printui.exe)
  • Multi-stage persistence
  • XMRig miner payload

My Contribution:
Developed custom Yara rule detecting:

  • VBS/BAT components
  • Service creation
  • Defender evasion
  • Known IOCs

Practical detection for SOC teams against this emerging threat.

#MalwareAnalysis #CyberSecurity #YaraRules #ThreatHunting

submitted by /u/SUmidcyber to r/ReverseEngineering
[link] [comments]
Read Entire Article
  1. Homepage
  2. Broward
  3. Tangerine Turkey Malware Analysis & Yara Rule

Related

Multi Programming Languages Projects Made Easy - I Built Mangle.dev

Multi Programming Languages Projects Made Easy - I Built Man...

1 week ago 59
Polar Bears Are Thriving Despite Loss Of Sea Ice

Polar Bears Are Thriving Despite Loss Of Sea Ice

1 week ago 56
Which version of Windows 10 is still supported?

Which version of Windows 10 is still supported?

1 week ago 52
Approach The Subject Cautiously

Approach The Subject Cautiously

1 week ago 55
Recommendations for guided meditations that won't make me cringe

Recommendations for guided meditations that won't make me cr...

1 week ago 57
My torbie queen has claimed the spicy baby bean 💖

My torbie queen has claimed the spicy baby bean 💖

1 week ago 47
Suggestions needed

Suggestions needed

1 week ago 43
Help identify structure in between lungs

Help identify structure in between lungs

1 week ago 48
The Long Tail of LLM-Assisted Decompilation

The Long Tail of LLM-Assisted Decompilation

1 week ago 43
u/newzinoapp on the HDD supply and AI bubble concerns

u/newzinoapp on the HDD supply and AI bubble concerns

1 week ago 50
We had to hold this little cloud so she wouldn't float away 🤭

We had to hold this little cloud so she wouldn't float away ...

1 week ago 50
We had to hold this little cloud so she wouldn't float away 🤭

We had to hold this little cloud so she wouldn't float away ...

1 week ago 44
We had to hold this little cloud so she wouldn't float away 🤭

We had to hold this little cloud so she wouldn't float away ...

1 week ago 46

Trending

Popular

Roommate?

Roommate?

3 weeks ago 175
Going to Delray Hideout for the game

Going to Delray Hideout for the game

3 weeks ago 115
Reddit has been running recruitment ads for the US Border Patrol with the phrase "Don't be a keyboard warrior - be a border defender!" w/ a picture of a guy in full tactical gear including a canister of pepper spray. How do you feel about Reddit selling ads to the US Border Patrol?

Reddit has been running recruitment ads for the US Border Pa...

1 week ago 110
The Gang Republic: Inside Haiti’s New Order (2026) - ~3 million people living in the grips of all-out gang war. France24 spent a fortnight filming in and around the Haitian capital, speaking to a population held hostage by this drawn-out crisis (CC) [00:52:38]

The Gang Republic: Inside Haiti’s New Order (2026) - ~3 mill...

1 week ago 109
Where can I buy a men’s winter jacket in Boynton Beach?

Where can I buy a men’s winter jacket in Boynton Beach?

3 weeks ago 109
Going to Delray Hideout for the game

Going to Delray Hideout for the game

3 weeks ago 107
English (US) English (US) ·
About Us · Contact Us · Terms & Conditions ·

© BrowardLocals.com 2026. All rights are reserved