In-Depth Analysis of .NET Malware JavaUpdtr

FortiGuard Labs recently captured some malware samples that were developed with the Microsoft .NET Framework. I analyzed one of them, and in this blog, I’m going to show you how it is able to steal information from a victim’s machine.

The malware was spread via a Microsoft Word document that contained a malicious, auto-executing VBA macro. Figure 1 below shows how the document looks when it’s opened.

Figure 1. When the malicious Word document is opened

What the VBA code does

Once you click the “Enable Content”…

