Monthly Archives: July 2016

Using NodeJS To Deobfuscate Malicious JavaScript

Introduction: A group of analysts in the office are spending some time reverse engineering an Angler sample found at http://malware-traffic-analysis.net/2016/03/02/index2.html. The website shows a screen capture of the malicious JavaScript that was injected into a page served by a compromised

Posted in Reverse Engineering

Reverse Engineering a Malicious MS Word Document

Introduction: This blog post analyzes a Word document that was used to deliver a ransomware executable. The Word document includes a macro that will execute when the document is opened if the end user clicks a button called “enable content”.

Posted in Reverse Engineering