The current threat landscape is often driven by web-based malware and exploit kits that are regularly updated with newly found vulnerabilities. Recently, we received an interesting malware binary–a JAR package that opens a back door for an attacker to execute commands and acts as a bot after infection. This archive does not exploit any Java […]
Malware authors are always seeking new ways to hone their craft. As cybercriminals are facing a multitude of preventative technologies from Symantec and users are becoming more security conscious, it is becoming increasingly difficult for the bad guys to win.Recently, during research, we came across an oddly named sample, Word13.exe. Upon first glance, it appears to […]
Recently, we discovered a threat that abuses the Encrypting File System (EFS), which Symantec detects as Backdoor.Tranwos. Not only is it trivial for program code to use EFS, it’s also very effective at preventing forensic analysis from accessing the contents of the file.The threat creates the folder %Temp%\s[RANDOM ASCII CHARACTERS] and then calls the EncryptFileW […]
Latest Comments