SANS ISC

[SANS ISC] Malicious script dropping an executable signed by Avast?

I published the following diary on isc.sans.org: “Malicious script dropping an executable signed by Avast?“.

Yesterday, I found an interesting sample that I started to analyze… It reached my spam trap attached to an email in Portuguese with the subject: “Venho por meio desta solicitar orçamento dos produtos” (“I hereby request the products budget”). There was one attached ZIP archive: PanilhaOrcamento.zip… [Read more]

One comment

Leave a Reply

Your email address will not be published. Required fields are marked *