MEDIUMMalware
Global

The SOC Files: ScreenConnect masked as freeware. An inside look at a large-scale campaign

·Source: Securelist (Kaspersky)

Updated:

Executive Summary

Kaspersky experts have uncovered a malicious network infrastructure for delivering AsyncRAT. The Trojan is dropped via compromised ScreenConnect software. In this post, we break down the infection chain and analyze the C2 infrastructure.

Analysis

Kaspersky experts have uncovered a malicious network infrastructure for delivering AsyncRAT. The Trojan is dropped via compromised ScreenConnect software. In this post, we break down the infection chain and analyze the C2 infrastructure.
Source Attribution

Originally published by Securelist (Kaspersky) on Jul 1, 2026.

Related Threats