ThreatFeed
Linkedin-in Youtube Facebook-f
VMRay Pricing
Try VMRay

Malware Analysis

AtomBombing Evasion and Detection

A new code injection technique is effective in bypassing most analysis and detection methods. Code injection has been a favorite technique of malware authors for many years. Injecting malicious code into an otherwise-benign process is an effective way of masking malware from anti-virus and sandbox detection. It is used to
Read More

Goldeneye Ransomware Uses COM to Execute Malicious JavaScript

There is a new ransomware going wild in Germany called Goldeneye, which is a variant of Petya. It’s targeting German-speaking users via email by attaching an application (Bewerbung) in Excel format (xls). At the time we started analyzing the Goldeneye malware, VirusTotal scored 9/54, but the score varied for different
Read More

Hancitor Uses Microsoft Word to Deliver Malware

There have been several variants of the Hancitor malware family seen in the wild over the past several months. Recently, Carbon Black, a VMRay integration partner, provided an in-depth analysis of a specific strain of the Hancitor Malware family that uses a Microsoft calendar identifier to deliver malware to unsuspecting
Read More
,

Word macro uses WMI to detect VM environments

We recently came across an interesting malicious Word document that used an embedded Word macro to detect whether or not it was being opened inside a VM. If no VM was detected, the macro proceeded to attempt to download a payload (executable) to infect the machine. Let’s take a look
Read More
,

Powershell Ransomware – a PowerWare Deep Dive

Malware authors are always looking for an edge to evade detection and extend the useful life of their creations. In the constant cat-and-mouse game between malware authors and security vendors, malware authors must constantly revise and reinvent their product. They will consider anything they can do to avoid detection. Along
Read More
, ,

Eliminating the Observer Effect in Malware Analysis

We have a mission at VMRay to build the ultimate malware Panopticon with a twist. The original 18th century Panopticon design was conceived as a way to monitor inmates in an institution in such a way that they could never know where or when they were being observed – so
Read More
,

7ev3n-HONE$T –Ransomware for the rest of us

The ransomware 7ev3n-HONE$T is a new version of an existing ransomware, 7ev3n, with a twist – a much lower ransom fee. Early this year, as reported in January by Graham Cluley, BleepingComputer and others, the original 7ev3n ransomware was spotted in the wild encrypting victims‘ files on Windows machines and
Read More
,

HyperScaling Malware Analysis

In the era of Big Data scalability is always a key concern. Simply throwing hardware at the problem isn’t enough. If the software architecture can’t fully take advantage of the available bandwidth and compute power, bottlenecks remain. One of VMRay Analyzer’s main advantages is our agentless hypervisor-based approach, allowing substantially

Read More
,

Automating Custom VM Setups

The automated creation and deployment of fully custom VMs (Virtual Machines) as analyses targets may seem like an arcane topic, but it’s crucially important to successful threat analysis, particularly for targeted attacks. There are several reasons: Targeted attacks using custom(ized) malware often will check for specific attributes on the target

Read More
,

Context-Aware Malware: Analyzing Environment-Sensitive Malware

Malware that evades detection is nothing new. But in a constantly evolving threat landscape, particularly around targeted attacks, we now see more Environment-Sensitive Malware. This is alternately known as context-aware or environment-aware malware. Not a low carbon footprint variety, but rather malware that is tailored to run only under certain

Read More

Uncover the truth of Cybersecurity, one story at a time

Keep up to date with our weekly digest of articles. Get the latest news, invites to events, and threat alerts!

Subscribe to our Newsletter

Subscribe to our Newsletter

Linkedin-in Youtube Facebook-f

Solutions

Products

Why VMRay

Resources

Missed the headlines?

We’re featured in:

image 15
image 16
image 17
image 18
© Copyright 2024 VMRay

ThreatFeed

Linkedin-in Youtube Facebook-f
VMRay Pricing
Try VMRay