Increased Use of a Delphi Packer to Evade Malware Classification

Introduction
The concept of “packing” or “crypting” a malicious program is widely popular among threat actors looking to bypass or defeat analysis by static and dynamic analysis tools. Evasion of classification and detection is an arms race in wh…

Newly Observed Ursnif Variant Employs Malicious TLS Callback Technique to Achieve Process Injection

Introduction
TLS (Thread Local Storage) callbacks are provided by the Windows operating system to support additional initialization and termination for per-thread data structures. As previously reported, malicious TLS callbacks, as an anti-analys…