I published the following diary on isc.sans.org: “Malicious script dropping an executable signed by Avast?“.
Yesterday, I found an interesting sample that I started to analyze… It reached my spam trap attached to an email in Portuguese with the subject: “Venho por meio desta solicitar orçamento dos produtos†(“I hereby request the products budgetâ€). There was one attached ZIP archive: PanilhaOrcamento.zip… [Read more]
One comment