Filter by:

Malicious Word doc uses ActiveX to infect

A malicious Word doc was recently shared with us that used just about every trick in the book to infect a machine yet initially had zero detections on VirusTotal. At the time of this blog post, detections had improved somewhat to a less-than-impressive 2/55:   Likewise, the file was unknown on Metadefender, submitting it for analysis showed […]


Decoding the Screenlocker (Ransomlock) Activation key

Recently our team analyzed FreeDownloadManager.exe which is screen-locking malware, or Ransomlock. Victims get a screen that looks like a Windows activation screen: They are prompted to call a toll-free number whereby they would presumably be asked to pay a fee in return for the ‘activation code’ that would unlock the victim’s computer. Fortunately, our team was […]


Website designed and developed by Raincastle Communications, Inc.