Windows Batch File Deobfuscation, (Thu, Jul 26th)

Last Thursday, Brad published a diary[1] about a new ongoing campaign delivering the Emotet[2] malware. I found another sample that looked the same. My sample was called ‘Order-42167322776.doc’ (SHA256: 4d600ae3bbdc846727c2922485f9f7ec548a3dd031fc206dbb49bd91536a56e3[3]) and looked the same as the one analyzed by Brad. The infection chain was almost the same:
