Month: July 2016

Using NodeJS To Deobfuscate Malicious JavaScript

Introduction A group of analysts in the office are spending some time reverse engineering an Angler sample found at The website shows a screen capture of the malicious javascript that was injected into a page served by a compromised

Tagged with: , , ,

Reverse Engineering a Malicious MS Word Document

Introduction This blog post analyzes a Word document that was used to deliver a ransomware executable. The Word document includes a macro that will execute when the document is opened if the end user clicks a button called “enable content”.

Tagged with: , ,