Check Point Security Researchers Discover Fast Ransomware 'Rorschach'

GAGANDEEP SINGH

07-April-2023

Security researchers at the security firm Check Point have discovered a new piece of malware.

The malware is a ransomware strain with fairly distinctive features, named Rorschach.

This comes after the security firm analyzed a cyberattack on a US-based firm.

The security firm mentions that the attacker deployed malware on the victim's network after exploiting a flaw.

The attackers used the Cortex XDR Dump Service to sideload the Rorschach loader and injector, which leads to the payload.

Once the machine is infected, the malware deletes four event logs to erase any trace of itself.

The files with the loader have UPX anti-analysis protection, and the main payload is protected against reverse engineering.

The basic routine of the malware reveals a highly successful execution of thread scheduling via I/O completion ports.
