JackOfHearts

By GoldSparrow in Trojans

Translate To:

JackOfHearts is the dropper malware responsible for delivering the QueenOfHearts backdoor. QueenOfHearts is one of the three distinct malware families observed as part of a sophisticated threat actor's arsenal. Another one of the malware families comprising the toolkit of the hackers called SlothfulMedia was the subject of a report released by the Department of Homeland Security CISA agency.

AS for JackOfHearts, its task is to prepare the environment of the compromised computer for QueenOfHearts. First, it drops the payload file carrying the backdoor to a specific location on the disc, such as '%AppData%\mediaplayer.exe.' It then proceeds to establish the persistence mechanism of the main payload by creating a Windows service pointing to it. In addition, JackOfHearts creates a shortcut for QueenOfHearts inside the system's startup folder and initiates it immediately.

To minimize the chances of being detected or diminish the malware presence on the targeted system, JackOfHearts' final activity is to create a self-deletion tool placed in the %TEMP% folder, which will delete the dropper from the drive.

Enigma Software Group Prevails Over Malwarebytes at the Ninth Circuit

Search

Change Region

JackOfHearts

Submit Comment

Trending

'YouPorn' Email Scam

Safe Search Eng

Findtheirreport.com

Most Viewed

Is Lookmovie.io Safe?

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen