all InfoSec news
AutoIT Remains Popular in the Malware Landscape, (Fri, Jan 6th)
Malware Analysis, News and Indicators - Latest topics malware.news
Yesterday Brad wrote an interesting diary[1] about a piece o malware based on AutoIT. Funny, I was also analyzing a sample that has been written in the same language. I don’t know exactly the source (it was spotted via a hunting ruile) but it seems to target the same people (based on the file name). Mine was delivered in a RAR archive called “doc-Impostos_514281.rar” (SHA256:84a35910ad7acb1455695be7aced111356fac9abc818f9ae0859677b07ac0d04). The VT score is very low: 1/61[2].
Article Link: https://isc.sans.edu/diary/rss/29408
1 post - 1 participant …
archive autoit brad called doc don hunting language malware name people piece popular rar score sha256 target