Tag Archives: malware

Static vs Dynamic Analysis and the Amusing Outcome

It all started with a malicious RTF document attached to an email and a request from reader Chris (thanks for your request and help!) to locate the embedded SWF object since it was believed to contain a hidden PE file. …

Posted in Malicious Email, Malscript

Malicious Word Macro Caught Using Sneaky Trick

There has been a slew of malicious Word documents attached to email purporting to be invoices, receipts, etc. This particular one caught my eye but I’m not sure if this is an old trick. I just haven’t seen this method …

Posted in Malicious Email, Malscript

Drive-By Cache: Payload Hunting

The researchers over at Armorize identified a new technique some time ago called “drive-by cache” that kinda turns drive-by downloads on its head. You can read their analysis here. In a typical drive-by download, the visiting PC gets compromised, the …

Posted in Pentest

Hidden Malicious Redirector

Normally when you visit a webpage that’s been compromised, you can find the malicious redirect link (e.g. iframe, JavaScript) by viewing the HTML source code. On this particular website, the malicious redirect link only appears when the webpage is saved …

Posted in Malscript | 4 Comments

Amusing UPS/Fedex Malicious Email

Yesterday I received this UPS email with a malicious zipped attachment. A couple hours later, I get another one. This one had Fedex content but the “from” and “subject” lines were still showing “UPS”. Another two or so hours pass …

Posted in Malicious Email