Ursnif is a group of malware families based on the same leaked source code. When fully executed Urnsif has the capability to steal banking and online account credentials. In this blog post, we will analyze the payload of a Ursnif sample and demonstrate how a malware sandbox can expedite the investigation process. Access the VMRay […]READ MORE
In our recent blog post “Blinding Malware Analysis with COM Objects” we talked about the steady trend of malware using Microsoft’s Component Object Model (COM) for evading sandbox analysis. The reason why COM can be used to perform stealth operations is that traditional dynamic analysis systems monitor program behavior by intercepting calls on the WinAPI-, the NativeAPI-, […]READ MORE
Website designed and developed by Raincastle Communications, Inc.