Posts tagged trojan
Defeating security controls in antivirus and anti-malware systems is a common goal among malware authors. There are many sophisticated techniques and an incredible level of creativity with regard to methods of defeating these systems coming from those on “the other side of the fence.” (more…)
Malware authors are getting increasingly creative in their attempts to bypass security controls and gain access to critical information by using tools such as password stealer malware to steal credentials and intercept web traffic. In this post, we build a Behavioral Profile of Password Stealer Malware Trojan.FTP.13809.A. (more…)
A critical part of recent malware binaries is the executable component responsible for downloading the actual malware from a designated malware server.
Our colleague, security researcher Mila Parkour, published a link to a great post at DeepEnd Research (posted by Andre M. DiMino) with some interesting results about a downloader/trojan dubbed Trojan.Plague.13604.B. This malware is a variation of Mutopy – Win32 found by Sophos.
Given the widespread continued use of spear phishing campaigns, it generally wise to approach any emails containing attachments or links to archives with a heavy dose of caution—especially when the email comes from an unknown sender.
Over the last two days I received several emails from a sender that I didn’t recognize, and proceeded to analyze the attachment with our own Vinsula Execution Engine, allowing me quickly build a behavioral profile the potential malware. Not surprisingly, the report generated by Vinsula showed clear indications that the attachment is malicious. We have titled this malware Trojan.Malaria.13002. (more…)