vti-cosplay: Low Budget VirusTotal Intelligence Cosplay
vti-cosplay parses a YARA rule, then maps each entry to a VirusTotal query, and merges the individual results. Hence, it mimics a YARA scan on VirusTotal.…
During the analysis, the Risk game's rules and goals were observed. The findings lead to a GitHub account and then a repository. The comparison results shed light on a complex attack vector that is constructed from various stages and also utilizes a steganography-like technique.…
The analyzed attack begins with an RTF file named 'swift_copy.doc'. The attack vector uses many technologies for different steps until reaching the actual stage that performs the desired actions. In the end, it drops an Agent.Tesla variant and it is capable enough to siphon...…
The attack begins with a phishing document that mimics the brochure of the NATO STO (Science and Technology Organization) conference that was organized in December 2018. The analyzed sample's second stage is a DLL file.…