In part one of our two part blog series on the “String of Paerls” threat, we showed an attack involving a spearphish message containing an attached malicious Word doc. We also described our methodology in grouping similar samples based on Indicators of Compromise: static and dynamic analysis indicators. In this second part of the blog series we will cover the malicious documents and malicious executables.
more here...........http://vrt-blog.snort.org/2014/07/threat-spotlight-string-of-paerls-part.html
more here...........http://vrt-blog.snort.org/2014/07/threat-spotlight-string-of-paerls-part.html