Week 2 – Email Attachment Malware

Email is one of the favorite methods used by attackers to infect systems. The malware used in email campaigns is often ransomware or banking malware.
These emails can come as attachments with the malicious executable inside, or as Microsoft Office documents that contain a malicious macro. After execution, the macro downloads ransomware or banking malware. They can also come as JavaScript files, executed by Wscript in Windows, that drop, for example, Locky ransomware.

The malware is protected by the .NET obfuscator Smart Assembly, so it's not practical to reverse engineer it to get more information about it. The combination of PowerShell and a .lnk file offers stealth on many sandbox systems, so it is difficult to catch. There is no more information on what the malware does, except that it downloads files from your PC to the temp folder.

It wasn't completely clear in this article; I will try to find a more informative website for future blogging. The source code is displayed here, though, https://blogs.mcafee.com/mcafee-labs/malware-employs-powershell-to-infect-systems/ which I found to be interesting; take a look for yourself. It's funny how simple some of these malware viruses are. No wonder they have software nowadays that can just make these virus files or attacks. There is a whole set of terminology that has come from these computer threats.
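The attachment types listed above can be sorted at the mail gateway before anyone opens them. This Python triage is an added example, not code from this post or the McAfee article; the category names, extension lists and sample message are assumptions constructed here, and legacy OLE .doc/.xls files are not inspected.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

SCRIPT_EXTS = (".js", ".jse", ".vbs", ".wsf")  # run by Wscript on Windows
RISKY_EXTS = SCRIPT_EXTS + (".exe", ".scr", ".lnk")

def classify(filename, data):
    """Map one attachment to a delivery type named in the post."""
    name = (filename or "").lower()
    if data[:2] == b"MZ":                       # PE header, whatever the name says
        return "executable"
    if name.endswith(".lnk") or data[:4] == b"L\x00\x00\x00":
        return "shortcut"
    if name.endswith(SCRIPT_EXTS):
        return "script"
    if data[:4] == b"PK\x03\x04":               # zip container, including .docm/.xlsm
        try:
            inner = [n.lower() for n in zipfile.ZipFile(io.BytesIO(data)).namelist()]
        except zipfile.BadZipFile:
            return "unreadable-archive"
        if any(n.endswith("vbaproject.bin") for n in inner):
            return "office-macro"
        if any(n.endswith(RISKY_EXTS) for n in inner):
            return "archive-with-risky-file"
    return "other"

def triage(raw_message):
    """Return (filename, verdict) for every attachment in a raw message."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    return [(p.get_filename(), classify(p.get_filename(), p.get_payload(decode=True) or b""))
            for p in msg.iter_attachments()]

def _zip(member):                               # helper for the constructed samples
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(member, b"constructed")
    return buf.getvalue()

def sample_message():                           # constructed mail, harmless payloads
    msg = EmailMessage()
    msg["Subject"] = "Invoice"
    msg.set_content("See attached.")
    for name, data in [("invoice.docm", _zip("word/vbaProject.bin")),
                       ("scan.js", b"// constructed"),
                       ("report.pdf.exe", b"MZ" + b"\x00" * 16),
                       ("docs.zip", _zip("invoice.js")),
                       ("notes.txt", b"hello")]:
        msg.add_attachment(data, maintype="application", subtype="octet-stream", filename=name)
    return msg.as_bytes()
```

Checking the file header before the extension is what catches `report.pdf.exe`: the name is chosen to look like a document, but the first two bytes still identify a Windows executable.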

This post was written by: Martin Hand



About Martin Hand

ASE Certified L1 Advanced Mastertech. Martin Hand has over 15 years of experience in Asian and European Import Auto Repair, specializing in electrical diagnosis, engine performance, and AT/MT transmission repair/rebuild. Martin is also pursuing a degree in Computer Science & Information Systems, starting at Portland Community College, and plans to transfer to OIT. He is certified in Java application level programming and experienced with other languages such as PHP, Ruby, JavaScript and Swift. Martin has future plans of automotive diagnostic software development.