Collaborate Disseminate
Microsoft announced it has extended a feature in Office 2016 that protects against malicious macros to Office 2013. Continue reading Microsoft Extends Malicious Macro Protection to Office 2013
We’ve been tracking some more spam dropping Zepto ransomware variants. Like earlier posts, we’re seeing infected attachments with malicious macro scripts used as the entry point for the threat actor. (See images below of some recent spam samples.) As we dig deeper into our analysis, we found out that these macro scripts are not crafted […]
The post Zepto Evasion Techniques appeared first on ThreatTrack Security Labs Blog.
Recently, we’ve spotted Zepto ransomware spreading through spam email containing fake invoices (see image below). These attachments contain a Macro-Enabled word document file known as Donoff, which downloads the Zepto executable that encrypts all your files and will later ask for payment of the decryption key. We decided to take a closer look on the Donoff […]
The post Donoff Macro Dropping Ransomware appeared first on ThreatTrack Security Labs Blog.
We recently came across a file (ORDER-549-6303896-2172940.docm, SHA1: 952d788f0759835553708dbe323fd08b5a33ec66) containing a VBA project that scripts a malicious macro (SHA1: 73c4c3869304a10ec598a50791b7de1e7da58f36). We added it under the detection TrojanDownloader:O97M/Donoff – a large family of Office-targeting macro-based malware that has been active for several years (see our blog category on macro-based malware for more blogs). However, there wasn’t… Continue reading Malicious macro using a sneaky new trick