Tangerine Turkey Malware Analysis & Yara Rule

1 month ago 90

New technical analysis of Tangerine Turkey - a sophisticated cryptomining operation spreading via USB and abusing Windows LOLBins.

Key Findings:

  • USB VBS dropper with worm capabilities
  • LOLBin abuse (printui.exe)
  • Multi-stage persistence
  • XMRig miner payload

My Contribution:
Developed custom Yara rule detecting:

  • VBS/BAT components
  • Service creation
  • Defender evasion
  • Known IOCs

Practical detection for SOC teams against this emerging threat.

#MalwareAnalysis #CyberSecurity #YaraRules #ThreatHunting

submitted by /u/SUmidcyber to r/ReverseEngineering
[link] [comments]
Read Entire Article
  1. Homepage
  2. Broward
  3. Tangerine Turkey Malware Analysis & Yara Rule

Related

Terrifying meditation

Terrifying meditation

2 weeks ago 45
iOS 26 - Reversing Swift Like a Pro

iOS 26 - Reversing Swift Like a Pro

2 weeks ago 40
CRISPR brings back ancient gene that prevents gout and fatty liver

CRISPR brings back ancient gene that prevents gout and fatty...

2 weeks ago 38
Why is this age filled with chaos, and can spirituality bring peace to society?

Why is this age filled with chaos, and can spirituality brin...

2 weeks ago 40
For a graphics card, should I grab an RTX 5080, a 9070 XT, or a 7900 XTX

For a graphics card, should I grab an RTX 5080, a 9070 XT, o...

2 weeks ago 40
If you’re making a full pot of coffee in just a standard drip pot, how many tablespoons of coffee grounds do you use?

If you’re making a full pot of coffee in just a standard dri...

2 weeks ago 38
A gentler self-care idea: mood → tiny scene (would this resonate?)

A gentler self-care idea: mood → tiny scene (would this reso...

2 weeks ago 39
This Lizard’s Tongue Is Its Secret Weapon

This Lizard’s Tongue Is Its Secret Weapon

2 weeks ago 39
/u/Turtledonuts explains identifying red flags in dubious research papers

/u/Turtledonuts explains identifying red flags in dubious re...

2 weeks ago 33
How long can a UPS keep your PC running?

How long can a UPS keep your PC running?

2 weeks ago 36
National Anthem Sung by Convicts Blasts From the White House on Repeat

National Anthem Sung by Convicts Blasts From the White House...

2 weeks ago 38
Our 6 week foster girls love marble runs!

Our 6 week foster girls love marble runs!

2 weeks ago 31
7 physicists answer: whatever happened to string theory?

7 physicists answer: whatever happened to string theory?

2 weeks ago 35

Trending

Popular

Seamstress/alterations for shirts

Seamstress/alterations for shirts

3 weeks ago 174
Maine and Massachusetts Initiatives Threaten to Re-Criminalize Adult-Use Cannabis Sales

Maine and Massachusetts Initiatives Threaten to Re-Criminali...

3 weeks ago 94
MSL 4707 CC © NASA/JPL-Caltech/LANL/CNES/IRAP/NeV-T

MSL 4707 CC © NASA/JPL-Caltech/LANL/CNES/IRAP/NeV-T

3 weeks ago 84
Mamdani Won. South Florida Expects a Real Estate Bump: Some brokers and developers in the region are waiting eagerly to see if the election of a democratic socialist will drive more wealthy New Yorkers south.

Mamdani Won. South Florida Expects a Real Estate Bump: Some ...

3 weeks ago 81
Magic Caster Wand

Magic Caster Wand

3 weeks ago 80
Male consignment shop

Male consignment shop

3 weeks ago 79
English (US) English (US) ·
About Us · Contact Us · Terms & Conditions ·

© BrowardLocals.com 2025. All rights are reserved