Hide malware through Microsoft HTML interpreters

In this article we will see how Microsoft Compiled HTML Help (CHM) and HTML Application (HTA) files can be used to build malware that compromises a system through legitimate Microsoft tools. A CHM file is a binary file containing a collection of HTML pages that provide a user guide for a tool or a piece of software. CHM files are …

BadRabbit Ransomware analysis

BadRabbit is ransomware used in a cyberattack that targeted Eastern Europe and Russia in October 2017. The name Bad Rabbit was given to this malware because the name appears on the ransom website. Just like NotPetya, BadRabbit uses EternalRomance to spread into networks and brute-forces access to computers using a default credentials list. BadRabbit Execution Flow …