Introduction
This research began with finding a simple malware sample to extract strings for an unrelated topic. In my day-to-day malware analysis workflow, I stumbled upon a JavaScript (JS) file with what I would call trivial obfuscation. I knew it was malware but wanted to understand the infection chain. After some cleanup, I understood it to be a downloader of an … [Read more...]
PowerShell, the Double-Edged Sword
ESET researchers recently revealed some rather sophisticated fileless malware samples that cyber criminals use. Fileless malware is malicious software that runs only in computer memory, making it more difficult for traditional malware products to detect. The WatchGuard Threat Lab predicted a general rise of fileless malware during 2019, but more specifically forecast … [Read more...]