Month: May 2017

Credit to Author: Xiaopeng Zhang| Date: Tue, 09 May 2017 11:11:59 -0700

This is the second part of FortiGuard Labs’ deep analysis of the new Emotet variant. In the first part of the analysis we demonstrated that by bypassing the server-side Anti-Debug or Anti-Analysis technique we could download three or four modules (.dll files) from the C&C server. In that first blog we only analyzed one module (I named it ‘module2’). In this blog, we’ll review how the other modules work. Here we go.

Credit to Author: Xiaopeng Zhang| Date: Wed, 03 May 2017 09:41:26 -0700

Background Last week, FortiGuard Labs captured a JS file that functions as a malware downloader to spread a new variant of the Emotet Trojan. Its original file name is Invoice__779__Apr___25___2017___lang___gb___GB779.js.  A JS file, as you may be aware, is a JavaScript file that can be executed by a Window Script Host (wscript.exe) simply by double-clicking on it. In this blog we will analyze how this new malware works by walking through it step by step in chronological order. A JS file used to spread malware The original JS code…

Credit to Author: James Cabe| Date: Mon, 08 May 2017 12:51:02 -0700

For the past 3-4 years, there has been a lot of buzz in the Information Technology market around the Software Defined delivery of applications. In terms of meta-technology evolution, software is being used to create and deliver software. Yes, it is as confusing as it sounds. The Software Defined revolution has caught on in three distinct areas: data center and cloud, connectivity to applications, and the agile deployment or creation of services. Amazon Web Services has recently redefined the new SDDC, or Software Defined Datacenter space,…