In-Depth Analysis of A New Variant of .NET Malware AgentTesla

June 28, 2017

FortiGuard Labs recently captured some malware which was developed with the Microsoft .Net framework. I analyzed one of them, and in this blog, I’m going to show you how it is able to steal information from a victim’s machine. The malware was spread via a Microsoft Word document that contained an auto-executable malicious VBA Macro. Figure 1 below shows how it looks when it’s opened. Figure 1. When the malicious Word document is opened What the VBA code does Once you click the “Enable Content”...

Read more...

Previous Article
A Technical Analysis of the Petya Ransomworm
A Technical Analysis of the Petya Ransomworm

Yesterday, a new ransomware wreaked havoc across the world. This new malware variant, which combines the fu...

Next Article
Fortinet UTM: A Gartner’s Magic Quadrant Leader 8 Times in a Row
Fortinet UTM: A Gartner’s Magic Quadrant Leader 8 Times in a Row

Fortinet’s UTM solutions have been positioned in the leader’s quadrant of Gartner’s annual Magic Quadrant f...