Windows Archives

How to Analyze Malicious Microsoft Office Files

All the most common file types that can be used to deliver malicious code, including Microsoft Office files, are supported in Intezer...

Vermilion Strike: Linux and Windows Re-implementation of Cobalt Strike

Key Findings Discovered Linux & Windows re-implementation of Cobalt Strike Beacon written from scratchLinux malware is fully undetected by vendorsHas IoC and...

Intezer Analyze Community: 2019 Recap and Trends

Emotet, Trickbot, and Lazarus were the most common threats detected by the community in 2019. Linux threats, with code connections to Mirai,...

2019: A Year-in-Review

What an amazing year it has been for us at Intezer! The company nearly doubled in size, we added several new important...

Genetic Malware Analysis for Golang

Intezer Analyze now proudly supports genetic analysis for files created with the Golang programming language. Community and enterprise users can detect and...

ACBackdoor: Analysis of a New Multiplatform Backdoor

Introduction We have discovered an undetected Linux backdoor which does not have any known connections to other threat groups. VirusTotal detection rate...

PureLocker: New Ransomware-as-a-Service Being Used in Targeted Attacks Against Servers

Analysis by Intezer and IBM X-Force points its origins to a Malware-as-a-Service (MaaS) provider utilized by the Cobalt Gang and FIN6 attack...

Why we Should be Paying More Attention to Linux Threats

In a previous post we wrote for the Retail and Hospitality Information Sharing and Analysis Center (RH-ISAC), we discussed the emergence of...

Watching the WatchBog: New BlueKeep Scanner and Linux Exploits

Overview We have discovered a new version of WatchBog—a cryptocurrency-mining botnet operational since late 2018—that we suspect has compromised more than 4,500 Linux...