ThreatFeed
Linkedin-in Youtube Facebook-f
VMRay Pricing
Try VMRay

Malware Analysis

Threat Bulletin: RagnarLocker Ransomware

In April 2020, the systems of Portuguese multinational energy giant Energias de Portugal (EDP) were encrypted by RagnarLocker Ransomware. The operators of RagnarLocker demanded a ransom of 1580 Bitcoin ($10.9M). Based on the ransom notes left on EDP’s systems (Figure 1) which directly mentioned the company, it’s clear that it
Read More

VMRay & Anomali: Deliver Seamlessly Integrated Threat Analysis & Intelligence

In April 2020, the systems of Portuguese multinational energy giant Energias de Portugal (EDP) were encrypted by RagnarLocker Ransomware. The operators of RagnarLocker demanded a ransom of 1580 Bitcoin ($10.9M). Based on the ransom notes left on EDP’s systems (Figure 1) which directly mentioned the company, it’s clear that it
Read More

Malware Analysis Spotlight: Rhino Ransomware

In this Malware Analysis Spotlight, the VMRay Labs Team examines the behavior of Rhino Ransomware (first identified in April 2020). This sample was found by Twitter user @GrujaRS on May 4th. View the VMRay Analyzer Report The first step before the ransomware encrypts user files, it disables various services: wscsvc
Read More

Good Apps Behaving Badly: Dissecting Zoom’s macOS Installer Workaround

This post was updated on April 3, 2020 to reflect Zoom’s response. It seems like overnight half the world switched to working from home and depending on Zoom for daily human interaction. Our own team is no exception, so it came as a surprise that the widely-used application installs itself
Read More

SANS Webcast Recap: Practical Malware Family Identification for Incident Responders

Taxonomy is the science of naming, defining and classifying groups of biological organisms based on shared characteristics. Fundamentally it’s an organization scheme that has allowed scientists to study organisms without confusion or overlap since the Swedish naturalist Carl Linnaeus introduced his framework for a uniform naming system more than 300
Read More
,

How Expel’s Analysts Are Using VMRay to Make Consistent, Sound Decisions

“Our analysts are really good at making decisions if they have the data to make that decision.” – Tyler Fornes, Sr. Response & Detection Analyst at Expel In this Risky Business podcast, host Patrick Gray interviews one of VMRay’s most forward-looking customers: Tyler Fornes, Senior Detection and Response Analyst for
Read More

Analyzing ZeroCleare’s Behavior Using a Malware Sandbox

View the VMRay Analyzer Report for ZeroCleare “ZeroCleare” is a new strain of malware discovered by IBM X-Force Incident Response and Intelligence Services (IRIS) this past December. In the 28-page report, the IRIS Team revealed that ZeroCleare was used to execute an attack on Middle East organizations in the energy
Read More

[SANS Webcast Recap] Evade Me If You Can: Unmasking Context Aware Malware

“Context is everything” goes the age-old adage. Malware has evolved in a variety of ways over the past few years but threat actors have increasingly focused more of their development efforts on making their malware sensitive to context in order to better identify and evade sandbox and analysis environments. In
Read More

VMRay IDA Plugin 1.1: Streamlining Deep-Dive Malware Analysis

A year ago this fall, we introduced the VMRay Analyzer IDA plugin for IDA Pro disassembler and decompiler. With Version 1.0 of the plugin (nicknamed IDARay), malware analysts and DFIR teams could use the output of VMRay Analyzer to enrich IDA Pro static analysis with behavior-based data. The plugin sped
Read More

MITRE ATT&CK: A Rosetta Stone for the Cyber Security Ecosystem

In July, VMRay released version 3.1 of VMRay Analyzer, our flagship platform for automated malware analysis and detection. Among several major enhancements, 3.1 mapped our existing VMRay Threat Indicators (VTIs) to MITRE ATT&CK, the industry-standard framework and knowledge base of adversary tactics and techniques, threat groups, and related software and
Read More

Uncover the truth of Cybersecurity, one story at a time

Keep up to date with our weekly digest of articles. Get the latest news, invites to events, and threat alerts!

Subscribe to our Newsletter

Subscribe to our Newsletter:

Linkedin-in Youtube Facebook-f

Solutions

Products

Why VMRay

Resources

Missed the headlines?

We’re featured in:

image 15
image 16
image 17
image 18
© Copyright 2024 VMRay

ThreatFeed

Linkedin-in Youtube Facebook-f
VMRay Pricing
Try VMRay