MartyMcFly Malware: new Cyber-Espionage Campaign targeting Italian Naval Industry
Security Affairs
OCTOBER 17, 2018
Those objects are real Encrypted Ole Objects where the Encrypted payload sits on “EncryptedPackage” section and information on how to decrypt it are available on “EncryptionInfo” xml descriptor. That object was crafted on 2018-10-09 but it was seen only on 2018-10-12. 1 and OleObj.2. Stage2: extracted Payload.
Let's personalize your content