ThreatInsight
threatinsight.proofpoint.com
did:plc:5gwujgymmotfb4pszrxoblwb
This dropped DLL is UNK_VividWyrm’s custom 5.t downloader, which includes anti‑VM and anti‑analysis features and communicates with a compromised C2 domain.
Proofpoint could not recover the final payload; however, UNK_VividWyrm used the same chain to deliver Cobalt Strike in a late‑2025 campaign.
2026-01-28T21:34:33.842Z