Malware writers are always looking for new ways to evade analysis frameworks and sandboxes to successfully breach targeted environments and platforms. WMI provides a simple way of environment detection to evade sandboxes and dynamic analysis tools, which seem to be underestimated by the security community. This blog looks at evasion samples.Read more...
Entries filed under 'Threat Research'
Threat Research Blog
The FireEye Labs team posts blog entries under threat research to present and discuss cyber attacks and threat intelligence from a technical perspective. They cover the full spectrum of exploits and vulnerabilities, including advanced malware and targeted threats.
September 29, 2016 8:00 AM By FireEye iSIGHT Intelligence | Threat Intelligence
September 23, 2016 10:30 AM By Ankit Anubhav , Dileep Kumar Jallepalli | Advanced Malware
Hancitor uses several capabilities within malicious macros that support malware installation and data theft. These capabilities include leveraging uncommon APIs and obscuring malicious PowerShell commands, tactics that make it a challenge to detect.
August 26, 2016 11:45 PM By Daniel Regalado
FireEye Labs dissects a new ATM malware, RIPPER, which may have been used this week to steal 12 million baht from ATMs at banks in Thailand.Read more...
August 24, 2016 7:00 PM By Bryce Boland | Threat Intelligence
For the first time, FireEye releases an M-Trends report specifically for the Asia Pacific region. Find out why most breaches in this region were never made public and how much time it takes to discover breaches in the area -- as well as how that timeframe differs from the global median number of days.Read more...