Category Archives: Security

Microsoft Office DDE Detection

In this article we’re not going to discuss how DDE works; there are plenty of excellent resources about this topic already (also here and here). Instead we’re going to see how to inspect DDE field codes in Profiler. In fact, …

Posted in CFBF, Profiler, Security | 2 Comments

URL Download Action (Tor)

In the upcoming version of Profiler Advanced we have introduced a useful new action, namely the URL Download action. Many times in previous posts we have analyzed some malware which at the end of its shellcode ended up downloading a …

Posted in Action, Profiler Advanced, Security

Disclosure: Creating undetected malware for OS X

While this PoC is about static analysis, it’s very different from applying a packer to malware. OS X uses an internal mechanism to load encrypted Apple executables and we’re going to exploit the same mechanism to defeat current anti-malware …

Posted in Security | 17 Comments

Creating undetected malware for OS X

We have discovered a way to defeat current anti-malware solutions. We will publicly disclose the full details of the issue in a few weeks. In the meantime, we’re more than happy to confidentially disclose the information to interested organizations (either …

Posted in Security