New ‘HrServ.dll’ Web Shell Detected in APT Attack Targeting Afghan Government

Nov 25, 2023

An unspecified government entity in Afghanistan was targeted by a previously undocumented web shell called HrServ in what’s suspected to be an advanced persistent threat (APT) attack.
The web shell, a dynamic-link library (DLL) named “hrserv.dll,” exhibits “sophisticated features such as custom encoding methods for client communication and in-memory execution,” Kaspersky security researcher Mert

Get Free Report & Network Analysis

Please check your email for the free report.