ThreatFeed
Linkedin-in Youtube Facebook-f
VMRay Pricing
Try VMRay

Category: Malware Analysis

2017-02-20

Analyzing Malware Embedded in MS Publisher Files

We have started to see malware authors use embedded Visual Basic (VBA) macros in many unconventional file types to attack hosts. In response to this trend, VMRay Analyzer V 2.0 now supports the analysis of Microsoft Access and Microsoft Publisher files. Support for analysis of new sample types means greater
Read More
2017-01-17

Spora Ransomware Dropper Uses HTA to Infect System

This past week, a new Ransomware variant called Spora was spotted in the wild. Currently, Spora only targets Russian-speaking users. What’s interesting about this Ransomware is that its payment site is so well designed, one could think they are running a legitimate business. The dropper for Spora is basically an
Read More
2016-12-14

AtomBombing Evasion and Detection

A new code injection technique is effective in bypassing most analysis and detection methods. Code injection has been a favorite technique of malware authors for many years. Injecting malicious code into an otherwise-benign process is an effective way of masking malware from anti-virus and sandbox detection. It is used to
Read More
2016-12-08

Goldeneye Ransomware Uses COM to Execute Malicious JavaScript

There is a new ransomware going wild in Germany called Goldeneye, which is a variant of Petya. It’s targeting German-speaking users via email by attaching an application (Bewerbung) in Excel format (xls). At the time we started analyzing the Goldeneye malware, VirusTotal scored 9/54, but the score varied for different
Read More
2016-12-08

Hancitor Uses Microsoft Word to Deliver Malware

There have been several variants of the Hancitor malware family seen in the wild over the past several months. Recently, Carbon Black, a VMRay integration partner, provided an in-depth analysis of a specific strain of the Hancitor Malware family that uses a Microsoft calendar identifier to deliver malware to unsuspecting
Read More
2016-07-11

Word macro uses WMI to detect VM environments

We recently came across an interesting malicious Word document that used an embedded Word macro to detect whether or not it was being opened inside a VM. If no VM was detected, the macro proceeded to attempt to download a payload (executable) to infect the machine. Let’s take a look
Read More
2016-05-25

Powershell Ransomware – a PowerWare Deep Dive

Malware authors are always looking for an edge to evade detection and extend the useful life of their creations. In the constant cat-and-mouse game between malware authors and security vendors, malware authors must constantly revise and reinvent their product. They will consider anything they can do to avoid detection. Along
Read More
2016-05-12

Eliminating the Observer Effect in Malware Analysis

We have a mission at VMRay to build the ultimate malware Panopticon with a twist. The original 18th century Panopticon design was conceived as a way to monitor inmates in an institution in such a way that they could never know where or when they were being observed – so
Read More
2016-05-02

7ev3n-HONE$T –Ransomware for the rest of us

The ransomware 7ev3n-HONE$T is a new version of an existing ransomware, 7ev3n, with a twist – a much lower ransom fee. Early this year, as reported in January by Graham Cluley, BleepingComputer and others, the original 7ev3n ransomware was spotted in the wild encrypting victims‘ files on Windows machines and
Read More
2016-04-29

HyperScaling Malware Analysis

In the era of Big Data scalability is always a key concern. Simply throwing hardware at the problem isn’t enough. If the software architecture can’t fully take advantage of the available bandwidth and compute power, bottlenecks remain. One of VMRay Analyzer’s main advantages is our agentless hypervisor-based approach, allowing substantially

Read More

Uncover the truth of Cybersecurity, one story at a time

Keep up to date with our weekly digest of articles. Get the latest news, invites to events, and threat alerts!

Subscribe to our Newsletter

Subscribe to our Newsletter:

Linkedin-in Youtube Facebook-f

Solutions

Products

Why VMRay

Resources

Missed the headlines?

We’re featured in:

image 15
image 16
image 17
image 18
© Copyright 2024 VMRay

ThreatFeed

Linkedin-in Youtube Facebook-f
VMRay Pricing
Try VMRay
Days
Hours
Minutes
Seconds

Ready to stress-test your malware sandbox? Join us for a no-fluff, all-demo webinar that shows you real techniques to evaluate and optimize your sandboxing solution!

Watch Now