Ring Ø Labs


Ring Ø Labs DOES NOT advocate using any of the malware, techniques, or information presented here for harm, and doing so may violate the law. These topics are for mitigation and educational purposes only.

Thursday, September 21, 2017

Triaging Malicious Word Document


Today we show how to quickly triage a malicious Word document rigged with a VBS downloader and obfuscated PowerShell.



Saturday, September 9, 2017

Triaging Java JAR Files

Today we show how to quickly triage Java JAR files with a simple, free, and straightforward Java decompiler.





Thursday, August 31, 2017

Worms Caught In Brambuls

Today we analyze an SMB worm that uses Gmail for C&C check-ins and drops a backdoor on infected machines.





Saturday, August 26, 2017

Large Victim Credential Server Uncovered

A seemingly normal PDF phishing campaign leads to a very large victim credential server.





Sunday, August 20, 2017

Analyzing Obfuscated Locky Ransomware Downloader

Today we analyze a malicious HTML document that claims the user must download a compatibility plugin in order to view the UPS receipt. This HTML document employs several layers of HTML, JavaScript, and executable obfuscation, and we show how to analyze all of them.


Friday, August 18, 2017

Fastest Automated Malware Analysis Lab Setup with FREE VM and Tools

How do you get started in malware analysis? First, you need an analysis environment in place to investigate files. Here is the fastest way to automatically set up a virtual lab environment complete with a FREE VM directly from Microsoft and FREE analysis tools.