
Malware Loader — CountLoader Threat Analysis Report — By CyberDudeBivash Date: September 19, 2025

Executive summary

CountLoader is a newly observed multi-version malware loader used to deliver post-exploitation tooling (Cobalt Strike, AdaptixC2) and remote access trojans (PureHVNC/PureRAT). It appears in at least three implementations, .NET, PowerShell and JScript/HTA (HTML Application), and has been distributed in PDF/ZIP phishing lures, notably a campaign impersonating Ukrainian police. Public reporting ties CountLoader activity to Russian-language ransomware ecosystems (LockBit, BlackBasta, Qilin), or to Initial Access Broker activity that feeds those ecosystems (Silent Push).

1 — Key findings (short)

- Multi-version loader: .NET, PowerShell and JScript/HTA (HTML Application) variants have been observed (Silent Push).
- Delivery vectors: weaponized PDFs/ZIPs and social-engineering lures, e.g. impersonating Ukrainian police, fake job offers, or ClickFix pages (Silent Push).
- Post-drop payloads: Cobalt Strike, AdaptixC2, PureHVNC RAT, and other commodity malware/infostealers. The H...
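The findings above name ZIP lures and JScript/HTA droppers as the delivery path. The following is an added triage example written for this summary; it is not code from the report, from CyberDudeBivash, or from Silent Push, and it carries no CountLoader IOCs. It inspects a ZIP attachment for members that Windows would execute on double-click (.hta, .js, .ps1, .lnk and similar), for "double extensions" such as Notice.pdf.hta that disguise a script as a document, and for HTA/script markup in the member's first bytes. The sample archive, its file names and the marker strings are constructed assumptions for the demonstration, not observed artifacts.

```python
"""Triage a ZIP lure for script-based loader droppers (added example)."""
import io
import zipfile

# Extensions Windows hands to mshta/wscript/cmd/the loader on double-click.
SCRIPT_EXTS = {".hta", ".js", ".jse", ".vbs", ".vbe", ".wsf", ".wsh",
               ".ps1", ".psm1", ".bat", ".cmd", ".exe", ".scr", ".lnk", ".dll"}
# Extensions a lure uses as the decoy part of a double-extension name.
DECOY_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".txt", ".jpg", ".png"}
# Assumed content markers for an HTML Application / JScript dropper.
HTA_MARKERS = (b"<hta:application", b"<script", b"activexobject", b"wscript.shell")


def _exts(name: str) -> list:
    """All extensions of the base name, e.g. 'a/b.pdf.hta' -> ['.pdf', '.hta']."""
    parts = name.lower().rsplit("/", 1)[-1].split(".")
    return ["." + p for p in parts[1:]]


def classify_member(name: str, data: bytes) -> list:
    """Return the reasons this archive member is suspicious (empty list = clean)."""
    reasons = []
    exts = _exts(name)
    if exts and exts[-1] in SCRIPT_EXTS:
        reasons.append(f"script/executable extension {exts[-1]}")
    if len(exts) >= 2 and exts[-2] in DECOY_EXTS and exts[-1] in SCRIPT_EXTS:
        reasons.append("double extension disguising a script as a document")
    head = data[:4096].lower()
    if any(m in head for m in HTA_MARKERS) and (not exts or exts[-1] not in {".html", ".htm"}):
        reasons.append("HTA/script markup in content")
    return reasons


def triage_zip(blob: bytes) -> dict:
    """Map each file member of a ZIP blob to its list of suspicious reasons."""
    findings = {}
    with zipfile.ZipFile(io.BytesIO(blob)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            # Read only the head so a decompression-bomb member cannot exhaust memory.
            with zf.open(info) as fh:
                data = fh.read(4096)
            findings[info.filename] = classify_member(info.filename, data)
    return findings


def build_sample_lure() -> bytes:
    """Constructed sample archive for the demo; not a real CountLoader artifact."""
    hta = (b"<html><head><hta:application id='x' windowstate='minimize'/>"
           b"<script language='JScript'>new ActiveXObject('WScript.Shell');</script>"
           b"</head></html>")
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("Police_Notice.pdf.hta", hta)           # decoy name + HTA body
        zf.writestr("readme.txt", b"Please open the attached notice.")
        zf.writestr("run.js", b"var s = new ActiveXObject('WScript.Shell');")
    return buf.getvalue()


if __name__ == "__main__":
    for name, reasons in triage_zip(build_sample_lure()).items():
        print(f"{name}: {'; '.join(reasons) or 'clean'}")
```

Run it against a quarantined attachment by passing the file bytes to `triage_zip`; any member with a non-empty reason list is worth detonating in a sandbox rather than opening. The extension lists are deliberately broad, so tune them to the file types your mail gateway already strips.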