[BRUNHILDA] DaaS Malware Analysis Report

November 14, 2020 23:56

This report is based on an analysis of the Brunhilda dropper service which is detected by The PRODAFT Threat Intelligence (PTI) Team.

Brunhilda is a dropper service that utilizes the Google Play Store to distribute various malware. While cybercrimegroups tend to start operating as MaaS businesses, currently there is an upward trend of DaaS (Dropper as a Service) variations.

Applications used to distribute malware is analyzed in detail. Cybercrime groups started developing DaaS platforms to quickly monetize their business, as it is easy to replace the distributed malware while maintaining a low profile.

Relevant IoCs are included in the report for further research.

Mobile Botnet