wmi Archives

wmi

Word macro uses WMI to detect VM environments

We recently came across an interesting malicious Word document that used an embedded Word macro to detect whether or not it was being opened inside a VM. If no VM was detected, the macro proceeded to attempt to download a payload (executable) to infect the machine. Let’s take a look

Uncover the truth of Cybersecurity, one story at a time

Keep up to date with our weekly digest of articles. Get the latest news, invites to events, and threat alerts!

products

use cases

Find yours

Why VMRay

Customer Success Stories

By CAtegory

Featured Integration

Insights

Malware Analysis Reports

cybersecurity glossary

Latest Malware Analysis Spotlight

NEWS

CONTACT

CAREERs

wmi

Word macro uses WMI to detect VM environments

Uncover the truth of Cybersecurity, one story at a time

Subscribe to our Newsletter

Subscribe to our Newsletter:

Solutions

Products

Why VMRay

Resources

Missed the headlines?

We’re featured in:

products

use cases

Find yours

Why VMRay

Customer Success Stories

By CAtegory

Featured Integration

Insights

Malware Analysis Reports

cybersecurity glossary

Latest Malware Analysis Spotlight

NEWS

CONTACT

CAREERs

products

use cases

Find yours

Why VMRay

Customer Success Stories

By CAtegory

Featured Integration

Insights

Malware Analysis Reports

cybersecurity glossary

Latest Malware Analysis Spotlight

NEWS

CONTACT

CAREERs

wmi

Word macro uses WMI to detect VM environments

Uncover the truth of Cybersecurity, one story at a time

Subscribe to our Newsletter

Subscribe to our Newsletter:

Solutions

Products

Why VMRay

Resources

Missed the headlines?

We’re featured in:

ThreatFeed

products

use cases

Find yours

Why VMRay

Customer Success Stories

By CAtegory

Featured Integration

Insights

Malware Analysis Reports

cybersecurity glossary

Latest Malware Analysis Spotlight

NEWS

CONTACT

CAREERs