May 2020

XLS Zloader Documents still getting 0's "Doughnuts" from AV Detection on VirusTotal: Zloader XLS maldocs with an updated Image Lure has emerged!
I see some great things happening and people noticing some of the Documents that are going around that have some ties to what I call it as Evloution4 based on the chracteristics we have observed. We are following the evolutions (changes) and other TTPS that we have observed since we started to track heavily. The 5th evolution being that of last weeks blog in regards to the XLSM documents ZLoader 4.0 Macrosheets Evolution