High
New PowerShell-based malware resembles QUADAGENT. PowDesk checks for the presence of LANDesk Agent folder and service before C&C beacon.
Oilrig keep focusing on the IT supply chain domain, now via LANDesk agent.
Exposure of sensitive information
SHA-256
8406ca490c60ec41569b35f31f1860ff4663bba44d1daac64760ecdfe694203d
URL
http[:]//lcepos[.]com/php/reclaimlandesk[.]php