Hash Value SHA256: 3a813df1c8f1e835cc98dd60b799c64e61 db51a259ee30b7235004ccb3c9df64 View the Full Password Protected Word Document Analysis Report Password protected documents are an effective method for malware to bypass anti-virus (AV) and other detection solutions. Typically the AV will not be able to parse the password required from the text of the email used to send the malicious document. […]READ MORE
A new variant of Cerber ransomware is in the wild and has built-in anti-sandbox tools to detect hooking-based sandbox environments, as explained in this article by Cyphort. The limitations of a hooking-based approach, where a driver is injected into the target environment and ‘hooks’ API calls, allow the malware to easily detect the analysis environment. This […]READ MORE
A popular method to distribute malware (especially ransomware) is to send a JScript file (*.js) by E-Mail or prompt a user surfing the web to execute a file. The goal of this type of attack is to bypass filtering systems that warn users trying to open attachments with certain file extensions (e.g. .exe) or disallow […]READ MORE
Website designed and developed by Raincastle Communications, Inc.