Vjw0rm is a JavaScript-based worm. It keeps coming up with different AV bypass mechanisms day by day, and according to our research, Vjw0rm was first seen in 2020-2021. Vjw0rm can perform operations with different commands. It communicates with the C2 …
Author Archives: Ali Paşa Turhan
The New AV Bypass Technique: Embedded Malicious Word in PDF File
Attackers can create files with a PDF signature by manipulating the file structure to bypass AVs. An MHT file created in Word and containing macros is embedded in a PDF file. Then, when this file is recognized as a PDF, …
Deep Dive: Analysis of Shell Link (.lnk) Files
.lnk files, commonly known as shortcuts, allow a specific application to run. Usually, users can safely access these files on their computers and run them correctly. However, malicious actors have the potential to use these files to trick users into …
Tags: LNK Structure, Malicious LNK
Unraveling Obfuscated Macros in Office Files: A Step-by-Step Guide
Phishing attacks are one of the most common security threats in the digital world today. In recent years, there has been a trend of malicious actors using Office files to make their targets more sophisticated. Office files are files that …
Tags: Obfuscated File