Security Soup

infosec news, commentary, and research

All posts tagged ATT&CK

Analysis of Valak Maldoc

Posted on June 8, 2020 / June 11, 2020 | Author: admin | Posted in: Malware Analysis, Research, Tutorial

Summary: The Valak malware variant appears to be an emerging threat due to an increased volume of campaign activity by its operators. Besides its relative newness, Valak is also noteworthy for a few of its other operational aspects such as an interesting execution chain and some unconventional tactics leveraged in the VB macro script of…

Analysis of a Dridex Downloader with Locked Excel Macros

Posted on May 13, 2020 / June 5, 2020 | Author: admin | Posted in: Malware Analysis, Research

Summary: I came across a fairly interesting Dridex maldoc the other day, and I figured it was worth doing a quick write-up on the obfuscation and anti-analysis techniques I saw. This was an Excel document that had its VBA macro project “locked” by the threat actor to disrupt analysis. Further anti-analysis included a heavy dose…
