Unveiling JsOutProx: A New Enterprise Grade Implant
Security Affairs
DECEMBER 20, 2019
Technical Analysis. Among this info, we recovered also its remote C2 address 91.189.180.199, operated by “ServeTheWorld”, a Norwegian provider renting his servers in Oslo, and a particular tag reporting the name “JsOutProx”. Once created the main structure, the first function ran by the malware is “init”. Update the sleep time.
Let's personalize your content