hasherezade
Malware Intelligence Analyst

Unpacks malware with as much joy as a kid unpacking candies.

August 30, 2018 - When we recently analyzed payloads related to Hidden Bee (dropped by the Underminer EK), we noticed something unusual. After reversing the malware, we discovered that its authors actually created their own executable format. Follow our step-by-step analysis for a closer look.

CONTINUE READINGNo Comments

August 13, 2018 - Process doppleganging, a rare technique of impersonating a process, was discovered last year, but hasn't been seen much in the wild since. It was an interesting surprise, then, to discover its use mixed in with Process Hollowing, yet another technique, in a dropper for the Osiris banking Trojan.

CONTINUE READINGNo Comments

May 22, 2018 - About three weeks ago, we published our second CrackMe, which has triggered a lot of interest, and many high-quality write-up submissions. In this post, we summarize the contest and comment on the submissions. Whose write-up won? Read on to find out.

CONTINUE READINGNo Comments

April 27, 2018 - Last November, we launched the first Malwarebytes CrackMe. Encouraged by an overwhelmingly positive response, we decided to repeat the game—this time making it even harder and more fun.

CONTINUE READINGNo Comments

April 18, 2018 - Recently, we came across a Python-based sample dropped by an exploit kit. Although it arrives under the disguise of a MinerBlocker, it has nothing in common with miners. In fact, it seems to be PBot: a Python-based adware.

CONTINUE READINGNo Comments

Cybersecurity info you can’t do without

Want to stay informed on the latest news in cybersecurity? Sign up for our newsletter and learn how to protect your computer from threats.

Select your language