Recently we caught a VBScript which uses an interesting way to hide its datas.
Category: Malware Analysis
Malicious Repacked KMSpico
KMSpico is a well-known tool to activate Microsoft’s product, though it has stopped update already and it’s illegal.
And there are lots of repacked version on the Internet, we got a sample which looks a bit more interesting.
Document with downloader script
About 2 days ago, we caught an interesting sample which hides its downloader script in the info of document.