VMRay Blog

One of the key features in VMRay Analyzer 2.0 is the built-in reputation engine that identifies known malicious or known benign files in milliseconds. The addition of the reputation engine gives Incident Responders and Malware Analysts a powerful “One-Two” combination of rapid threat detection and detailed analysis of malware behavior.
In boxing, the “One-Two” combination is an essential component of a fighter’s arsenal. A left jab followed by a right cross is one of the most effective combinations a fighter can unleash on his opponent. In the fight against malware, it’s just as important for Malware Analysts and Incident Responders to
We have started to see malware authors use embedded Visual Basic (VBA) macros in many unconventional file types to attack hosts. In response to this trend, VMRay Analyzer V 2.0 now supports the analysis of Microsoft Access and Microsoft Publisher files. Support for analysis of new sample types means greater
VMRay Analyzer V 2.0 will be released this week and we’ll be presenting it at the RSA Conference next week. The latest release has many new features including the addition of a built-in reputation engine that identifies known malicious or known benign files in milliseconds, support for the analysis of
This past week, a new Ransomware variant called Spora was spotted in the wild. Currently, Spora only targets Russian-speaking users. What’s interesting about this Ransomware is that its payment site is so well designed, one could think they are running a legitimate business. The dropper for Spora is basically an
A new code injection technique is effective in bypassing most analysis and detection methods. Code injection has been a favorite technique of malware authors for many years. Injecting malicious code into an otherwise-benign process is an effective way of masking malware from anti-virus and sandbox detection. It is used to
There is a new ransomware going wild in Germany called Goldeneye, which is a variant of Petya. It’s targeting German-speaking users via email by attaching an application (Bewerbung) in Excel format (xls). At the time we started analyzing the Goldeneye malware, VirusTotal scored 9/54, but the score varied for different
There have been several variants of the Hancitor malware family seen in the wild over the past several months. Recently, Carbon Black, a VMRay integration partner, provided an in-depth analysis of a specific strain of the Hancitor Malware family that uses a Microsoft calendar identifier to deliver malware to unsuspecting
Sharing is caring. Nowhere is this more true than for defenders that need to be able to quickly and seamlessly share critical information about malware and the attackers behind them. In the jargon of our industry that means using TIPs (Threat Intelligence Platforms) to ingest, export and correlate IOCs (Indicators
We recently came across an interesting malicious Word document that used an embedded Word macro to detect whether or not it was being opened inside a VM. If no VM was detected, the macro proceeded to attempt to download a payload (executable) to infect the machine. Let’s take a look