In last days of March, Telsy TRT captured same malicious macro armed documents likely tergeting ASEAN affairs and meeting members. Telemetry and spreading statistics related to these decoy documents highlight their diffusion in the geographical area of Thailand. According with OSINT information, the 34th ASEAN Meeting will be held in Bangkok, Thailand, on June 2019. These malicious documents have been designed to induce the victims to enable a macro code that will lead to an in-memory payload injection through the use of layered obfuscation techniques. At the time of analysis, the full infection cycle showed a very low detection rate in comparison with the major anti-malware solutions. On the basis […]
This post introduces the blog of the Telsy Threat Recon Team.