🇺🇦 SentinelOne Vs. GraphSteel Loader – Prevention and Detection

🇺🇦 Watch how SentinelOne prevents and detects GraphSteel Loader. On April 26, 2022 CERT-UA (Computer Emergency Response Team of Ukraine) released CERT-UA #4545. This alert was issued in response to activities associated with UAC-0056 (also known as SaintBear, UNC2589, TA471). Initial delivery of the loader is handled via a malicious Excel document attached to a phishing email. Upon launch, the victim is enticed into enabling macros and active content. Once running, the payloads embedded in the document will execute, resulting in the downloading of additional components (GraphSteel and GrimPlant).

#cybersecurity #infosec #malware #graphsteel