ThreatFeed
Linkedin-in Youtube Facebook-f
VMRay Pricing
Try VMRay

VMRay Blog

Stay current on the threat landscape with industry-leading cybersecurity insights!
Try VMRay

DDE Ransomware in a Macro-less Word Document

Malware Family: Vortex SHA256 Hash Value: bd61559c7dcae0edef672ea922ea5cf15496d18cc8c1cbebee9533295c2d2ea9 View the Full VMRay Analyzer Report Macros in Microsoft Office have been used extensively by malware authors as a mechanism to download and execute a malicious payload on a system. Defensive measures introduced by Microsoft such as disabling macros by default have not
Read More

Persistent Emotet Malware with a Crafty Social Engineering Technique

Malware Family: Emotet SHA256 455be9278594633944bfdada541725a55e5ef3b7189ae13be8b311848d473b53 View the Full VMRay Analyzer Report With security ever more tightly integrated into operating systems, malware authors often rely on the unwitting participation of an end user to enable malicious action. Social engineering techniques have evolved significantly over the years and last week the VMRay
Read More
,
6 Ways Intelligent Monitoring Improves Malware Analysis Accuracy & Efficiency

6 Ways Intelligent Monitoring Improves Malware Analysis Accuracy & Efficiency

This is the second blog in a two-part series describing how VMRay Analyzer’s Intelligent Monitoring capabilities remove the noise from malware analysis. Read part one. VMRay Analyzer’s hypervisor-based monitoring approach provides total visibility into the behavior of a sample under analysis and enables monitoring only parts of the system related
Read More
,
Intelligent Monitoring: Removing the Noise from Malware Analysis

Intelligent Monitoring: Removing the Noise from Malware Analysis

This blog post is the first in a two-part series describing how VMRay Analyzer’s Intelligent Monitoring capabilities remove the noise from malware analysis. In dealing with potentially malicious files, incident responders and IT security teams are swamped with information in the form of log files, reports, alerts, and notifications. As
Read More
,
Preventing Sandbox Evasion with Randomized Filenames

Preventing Sandbox Evasion with Randomized Filenames

In the malware analysis community, it is common to rename a malware sample to its hash value or add the hash to the filename. This helps analysts easily identify a sample and to store it with a unique filename. This strategy saves time and empowers collaboration. A drawback, however, is
Read More
,
Agentless Detection – Locard’s Exchange Principle Applied to Cybersecurity

Agentless Detection – Locard’s Exchange Principle Applied to Cybersecurity

Marketing departments of Cybersecurity vendors around the globe go into overdrive when they can shout from the rooftops that their solution is ‘agentless’. Sure, that sounds good, but why is this so important? And what is truly agentless? To appreciate the importance of an agentless approach, we’ll go old school
Read More
Poweliks Malware – Filelessly Persistent

Poweliks Malware – Filelessly Persistent

Malware Family: Poweliks Hash Value SHA256: 4727b7ea70d0fc00f96a28de7fa3d97fa 9d0b253bd63ae54fbbf0bd0c8b766bb View the Full Poweliks Malware Analysis Report One of the key features released in VMRay Analyzer v2.1 is the enhanced analysis of fileless malware (also referred to as “non-malware”). Fileless malware is defined by malware analysis expert Lenny Zeltser as “..malware that
Read More
,
Password Protected Word Document Connects to TOR Hidden Service

Password Protected Word Document Connects to TOR Hidden Service

Hash Value SHA256: 3a813df1c8f1e835cc98dd60b799c64e61 db51a259ee30b7235004ccb3c9df64 View the Full Password Protected Word Document Analysis Report Password protected documents are an effective method for malware to bypass anti-virus (AV) and other detection solutions. Typically the AV will not be able to parse the password required from the text of the email used
Read More

VMRay Analyzer v2.1 Enhances Detection Efficacy & Fileless Malware Analysis

In the new release of VMRay Analyzer v2.1, we've enhanced detection efficacy and fileless malware analysis for DFIR Specialists and CERTs.
Read More

Built-In YARA Rulesets for Increased Efficacy and Classification

YARA is an open source tool that helps malware researchers identify and classify malware by family based on known binary patterns and strings. YARA works by ingesting rules and applying them against various elements of the analysis (such as files and registry keys) to flag potentially malicious files and processes.
Read More
Vmray threatfeed

Latest Malware Analysis Reports

Access
Get The Latest Update

Subscribe to our newsletter

Keep up to date with our weekly digest of articles. Get the latest news, invites to events, and threat alerts!

Subscribe to our Newsletter:

Linkedin-in Youtube Facebook-f

Solutions

Products

Why VMRay

Resources

Missed the headlines?

We’re featured in:

image 15
image 16
image 17
image 18
© Copyright 2024 VMRay

ThreatFeed

Linkedin-in Youtube Facebook-f
VMRay Pricing
Try VMRay