DiceLoader

DiceLoaderVBS. e345rt.vbs keyboard random name. Three-word semantic function obfuscation (bottomautomobilemean pilotshotluck). Base64 .NET BinaryFormatter payload.

Threat Profile
Type Loader
Programming LanguageVBScript/.NET
C2 ProtocolHTTPS
First Seen2022
Targets Kurumsal
Purpose / Capabilities
  • XAML Exploit + Loader
No C2 servers have been identified for this family yet.

Research Reports (2)

High

DiceLoader2 -- e345rt.vbs Klavye Rastgele İsim, bottomautomobilemean pilotshotluck Üçlü İngilizce Kelime Anlamsız Birleştirme VBS Fonksiyon Adı Obfuskasyonu, Base64 .NET Payload Parçaları | Yüksek

DiceLoader 231KB e345rt.vbs klavye rastgele isim. bottomautomobilemean pilotshotluck tropicalnosort uclu ingilizce kelime anlamsiz VBS fonksiyon obfuskasyonu. Base64 .NET BinaryFormatter payload.

Read Report →
Critical

DiceLoader/IcedID2 — e345rt.vbs 237KB, WPF TextFormatting Exploit, .NET Reflection, Base64 Obfuske | Kritik

DiceLoader e345rt.vbs 237KB VBS. WPF TextFormattingRunProperties exploit. .NET reflection get_MachineName. Base64 obfuske.

Read Report →