SANS ISC

[SANS ISC] AutoIT based malware back in the wild

Malware, Security One comment

I published the following diary on isc.sans.org: “AutoIT based malware back in the wild“.

One week ago I wrote a diary with an analysis of a malicious RAR archive that contained an AutoIT script. The technique was not new but I was curious to see if this was a one-shot or not. To search for juicy samples, VirusTotal Intelligence or “VTI” is a nice source. Thanks to the “Retro Hunt” feature, it is possible to search for specific samples that were submitted. The search conditions are based on YARA rules… [Read more]

One comment

  1. Pingback: [SANS ISC] AutoIT based malware back in the wild – Insuring Your Future… Today.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.