HB Ad Slot
HB Mobile Ad Slot
CISA Releases Malware Analysis Report for Microsoft SharePoint Vulnerabilities
Friday, August 8, 2025

Threat actors continue to exploit ToolShell to gain unauthorized access to on-premises SharePoint servers. On August 6, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) released a malware analysis report after analyzing six files “including two Dynamic Link-Library (.DLL), one cryptographic key stealer, and three web shells. Cyber threat actors could leverage this malware to steal cryptographic keys and execute a Base64-encoded PowerShell command to fingerprint host system and exfiltrate data.”

The report includes the indicators of compromise and detection signatures to identify malware samples. The report also includes an analysis of YARA Rules, Sigma Rules, ssdeep matches, screenshots, PE Metadata, PE Sections, Packers/Compilers/Cyrptors, Tags and Details.

If your organization has been, or is potentially affected by ToolShell, take advantage of CISA’s analysis and use it to mitigate any potential effect on your company.

HTML Embed Code
HB Ad Slot
HB Ad Slot
HB Mobile Ad Slot
HB Ad Slot
HB Mobile Ad Slot
 
NLR Logo
We collaborate with the world's leading lawyers to deliver news tailored for you. Sign Up for any (or all) of our 25+ Newsletters.

 

Sign Up for any (or all) of our 25+ Newsletters