Brunhilda DaaS Malware Analysis Report
This report is based on an analysis of the Brunhilda dropper service which is detected by The PRODAFT Threat Intelligence (PTI) Team.
Brunhilda is a dropper service that utilizes the Google Play Store to distribute various malware. While cybercrime groups tend to start operating as MaaS businesses, currently there is an upward trend of DaaS (Dropper as a Service) variations.
Applications used to distribute malware are analyzed in detail. Cybercrime groups started developing DaaS platforms to quickly monetize their business, as it is easy to replace the distributed malware while maintaining a low profile.
Relevant IoCs are included in the report for further research.