Malware writers are always looking for new ways to evade analysis frameworks and sandboxes to successfully breach targeted environments and platforms. WMI provides a simple way of environment detection to evade sandboxes and dynamic analysis tools, which seem to be underestimated by the security community. This blog looks at evasion samples.Read more...
Threat Research Blog
The FireEye Labs team posts blog entries under threat research to present and discuss cyber attacks and threat intelligence from a technical perspective. They cover the full spectrum of exploits and vulnerabilities, including advanced malware and targeted threats.
September 29, 2016 8:00 AM By FireEye iSIGHT Intelligence | Threat Intelligence, Threat Research
September 23, 2016 10:30 AM By Ankit Anubhav , Dileep Kumar Jallepalli | Advanced Malware, Threat Research
Hancitor uses several capabilities within malicious macros that support malware installation and data theft. These capabilities include leveraging uncommon APIs and obscuring malicious PowerShell commands, tactics that make it a challenge to detect.
September 13, 2016 10:20 AM By Nick Harbour | Vulnerabilities
FireEye will host the third annual FireEye Labs Advanced Reverse Engineering (FLARE) team challenge beginning September 23rd. This six-week challenge is open to all active and aspiring reverse engineers, malware analysts and security professionals.
August 26, 2016 11:45 PM By Daniel Regalado | Threat Research
FireEye Labs dissects a new ATM malware, RIPPER, which may have been used this week to steal 12 million baht from ATMs at banks in Thailand.Read more...