The observed malware campaigns associated with Divergent feature the use of persistence techniques most commonly associated with “fileless” malware. This malware can be leveraged by an attacker to target corporate networks and appears to be primarily designed to conduct click-fraud. It also features several characteristics that have been observed in other click-fraud malware, such as Kovter.
Exposure of sensitive information
Malware Hash (MD5/SHA1/SH256)