Source |
Fortinet |
Identifier |
399889 |
Publication date |
2017-08-23 13:05:00 (viewed: 2017-08-23 13:05:00) |
Title |
Deep Analysis of New Poison Ivy Variant |
Text |
Recently, the FortiGuard Labs research team observed that a new variant of Poison Ivy was being spread through a compromised PowerPoint file. We captured a PowerPoint file named Payment_Advice.ppsx, which is in OOXML format. Once the victim opens this file using the MS PowerPoint program, the malicious code contained in the file is executed. It downloads the Poison Ivy malware onto the victim's computer and then launches it. In this blog, I'll show the details of how this happens, what techniques are used by this malware, as well as... |
Notes |
|
Sent |
Yes |
Tags |
|
Stories |
|