ThreatFeed
Linkedin-in Youtube Facebook-f
VMRay Pricing
Try VMRay

Category: Malware Analysis

2020-06-17

Malware Analysis Spotlight: Phishing Site Spread through SMS

In this Malware Analysis Spotlight, the VMRay Labs looks at the behavior of a phishing site distributed through an SMS message. Based on the content of the SMS message, this does not seem to be part of a targeted attack but rather part of a massive phishing campaign that aims
Read More
2020-06-15

SANS Webcast Recap: Dissecting Living off the Land Techniques

Living off the Land Binaries – aka LOLBins – represent one of the more creative and insidious malware threats today. Attackers use LOLBins to evade detection by manipulating legitimate systems and processes for malicious purposes. In this post—condensed from a SANS webcast featuring SANS Analyst Jake Williams and VMRay Sr.
Read More
2020-06-08

Threat Bulletin: RagnarLocker Ransomware

In April 2020, the systems of Portuguese multinational energy giant Energias de Portugal (EDP) were encrypted by RagnarLocker Ransomware. The operators of RagnarLocker demanded a ransom of 1580 Bitcoin ($10.9M). Based on the ransom notes left on EDP’s systems (Figure 1) which directly mentioned the company, it’s clear that it
Read More
2020-06-03

VMRay & Anomali: Deliver Seamlessly Integrated Threat Analysis & Intelligence

In April 2020, the systems of Portuguese multinational energy giant Energias de Portugal (EDP) were encrypted by RagnarLocker Ransomware. The operators of RagnarLocker demanded a ransom of 1580 Bitcoin ($10.9M). Based on the ransom notes left on EDP’s systems (Figure 1) which directly mentioned the company, it’s clear that it
Read More
2020-05-13

Malware Analysis Spotlight: Rhino Ransomware

In this Malware Analysis Spotlight, the VMRay Labs Team examines the behavior of Rhino Ransomware (first identified in April 2020). This sample was found by Twitter user @GrujaRS on May 4th. View the VMRay Analyzer Report The first step before the ransomware encrypts user files, it disables various services: wscsvc
Read More
2020-04-01

Good Apps Behaving Badly: Dissecting Zoom’s macOS Installer Workaround

This post was updated on April 3, 2020 to reflect Zoom’s response. It seems like overnight half the world switched to working from home and depending on Zoom for daily human interaction. Our own team is no exception, so it came as a surprise that the widely-used application installs itself
Read More
2020-03-25

SANS Webcast Recap: Practical Malware Family Identification for Incident Responders

Taxonomy is the science of naming, defining and classifying groups of biological organisms based on shared characteristics. Fundamentally it’s an organization scheme that has allowed scientists to study organisms without confusion or overlap since the Swedish naturalist Carl Linnaeus introduced his framework for a uniform naming system more than 300
Read More
2020-01-23

How Expel’s Analysts Are Using VMRay to Make Consistent, Sound Decisions

“Our analysts are really good at making decisions if they have the data to make that decision.” – Tyler Fornes, Sr. Response & Detection Analyst at Expel In this Risky Business podcast, host Patrick Gray interviews one of VMRay’s most forward-looking customers: Tyler Fornes, Senior Detection and Response Analyst for
Read More
2020-01-22

Analyzing ZeroCleare’s Behavior Using a Malware Sandbox

View the VMRay Analyzer Report for ZeroCleare “ZeroCleare” is a new strain of malware discovered by IBM X-Force Incident Response and Intelligence Services (IRIS) this past December. In the 28-page report, the IRIS Team revealed that ZeroCleare was used to execute an attack on Middle East organizations in the energy
Read More
2019-11-12

[SANS Webcast Recap] Evade Me If You Can: Unmasking Context Aware Malware

“Context is everything” goes the age-old adage. Malware has evolved in a variety of ways over the past few years but threat actors have increasingly focused more of their development efforts on making their malware sensitive to context in order to better identify and evade sandbox and analysis environments. In
Read More

Uncover the truth of Cybersecurity, one story at a time

Keep up to date with our weekly digest of articles. Get the latest news, invites to events, and threat alerts!

Subscribe to our Newsletter

Subscribe to our Newsletter:

Linkedin-in Youtube Facebook-f

Solutions

Products

Why VMRay

Resources

Missed the headlines?

We’re featured in:

image 15
image 16
image 17
image 18
© Copyright 2024 VMRay

ThreatFeed

Linkedin-in Youtube Facebook-f
VMRay Pricing
Try VMRay
Days
Hours
Minutes
Seconds

Ready to stress-test your malware sandbox? Join us for a no-fluff, all-demo webinar that shows you real techniques to evaluate and optimize your sandboxing solution!

Watch Now