Research, News, and more
DeXpose Blog
AnyDesk Clone Drops .NET Loader with AES Encrypted Payload and AV Evasion Delivering Phemedrone Stealer
On June 16, 2025, a suspicious domain impersonating AnyDesk — anydeske[.]icu — was reported on Twitter. The site served what appeared to be a legitimate remote access tool but actually delivered a malicious .NET loader. Further investigation…
APT43 (Kimsuky / Black Banshee) Infrastructure Hunting Report
Summary: We recently identified previously undetected Kimsuky (also known as Black Banshee) infrastructure through advanced pivoting techniques, using HTTP header analysis, SSL certificate and JARM fingerprinting. We uncovered several IPs and domains, many of them were…
Understanding SalatStealer: Features and Impact
Introduction: Salat Stealer is stealthy malware developed in the Go programming language, designed to infiltrate systems and extract sensitive data. Once it infects a device, it gathers extensive system information, such as hard drive…
PureLogger Deep Analysis: Evasion, Data Theft, and Encryption Mechanism
Introduction: PureLogs is an advanced information stealer designed to extract credentials, session tokens, and system details while employing strong anti-analysis techniques. It encrypts stolen data using AES-256 before sending it to a remote Command &…
Six Months Undetected: Analysis of archive.org hosted .NET PE Injector
Introduction: On February 11, 2025, Filescan.io shared a troubling discovery: a 6-month-old .NET PE injector had remained undetected on Archive.org, a platform widely used for archiving web content. The file was flagged as clean, allowing it to remain accessible for months.…
Email Breach Scan: How to Protect Your Personal Information
Email breaches pose significant risks to personal security when unauthorized users access email accounts or sensitive data. Often, leaked credentials can end up being sold on the dark web, leading to consequences like identity theft…
Egyptian organizations darkweb exposure report
Are you wondering what kind of information the dark web holds about Egyptian organizations? As we all remember, the last few years were bad for many organizations regarding hacking and cyber threats. Digital shadows team…