Product Features

Indicators of Compromise (IOCs) and Artifacts: What’s the Difference?

In the world of malware analysis, there is sometimes confusion between the terms “artifacts” and “indicators of compromise (IOCs).” This is understandable because many malware analysis engines don’t distinguish between the two. First, let’s define the terms. When a malware sandbox dynamically analyzes a threat, it collects pieces of forensic data observed during runtime. This […]

Malware Analysis

Malware Analysis Spotlight: Phishing Site Spread through SMS

In this Malware Analysis Spotlight, the VMRay Labs looks at the behavior of a phishing site distributed through an SMS message. Based on the content of the SMS message, this does not seem to be part of a targeted attack but rather part of a massive phishing campaign that aims at users of Apple products. […]

Malware Analysis

SANS Webcast Recap: Dissecting Living off the Land Techniques

Living off the Land Binaries – aka LOLBins – represent one of the more creative and insidious malware threats today. Attackers use LOLBins to evade detection by manipulating legitimate systems and processes for malicious purposes. In this post—condensed from a SANS webcast featuring SANS Analyst Jake Williams and VMRay Sr. Research Analyst Tamas Boczan explain why […]

Malware Analysis

Threat Bulletin: RagnarLocker Ransomware

In April 2020, the systems of Portuguese multinational energy giant Energias de Portugal (EDP) were encrypted by RagnarLocker Ransomware. The operators of RagnarLocker demanded a ransom of 1580 Bitcoin ($10.9M). Based on the ransom notes left on EDP’s systems (Figure 1) which directly mentioned the company, it’s clear that it was a targeted attack and the malware authors […]

Connectors, Events and News

VMRay & Anomali: Deliver Seamlessly Integrated Threat Analysis & Intelligence

VMRay is proud to announce our partnership with threat intelligence vendor Anomali to provide access to VMRay Analyzer via the Anomali APP Store. Anomali ThreatStream customers can now access our groundbreaking malware analyzer via an existing subscription, a new license purchased through the App Store, or a free trial version. The Anomali and VMRay joint solution […]
