New version of IcedID Trojan uses steganographic payloads
We take a deep dive into the IcedID Trojan, describing the new payloads of this advanced malware.
Analyzing a new stealer written in Golang
We captured a new information-stealing malware written in Golang (Go). Read up on our analysis of its functionality, as well as the tools researchers can use to unpack malware written in this relatively new programming language.
Malware analysis: decoding Emotet, part 1
In the first part of this two-part analysis of Emotet, we look at the VBA code, where you’ll learn how to recognize and discard “dead” code thrown in to complicate the analysis process.
Spartacus ransomware: introduction to a strain of unsophisticated malware
Spartacus ransomware is a fairly new variant seen in 2018. We’ll walk you through the malware sample to analyze the code in detail, and help you learn how to get an obfuscated .NET sample into a readable state.
An in-depth malware analysis of QuantLoader
QuantLoader is a Trojan downloader that has been used in campaigns serving a range of malware, including ransomware, banking Trojans, and RATs. In this post, we’ll take a high-level look at the campaign flow, as well as a deep dive into how the malware executes.
A coin miner with a “Heaven’s Gate”
The Heaven’s Gate technique has been around since 2009. But now coin miners are using it to maximize their performance in the target architecture.
Complex Method of Obfuscation Found in Dropper RealShell
The fight against malware is never-ending for a threat researcher, and in the mobile malware arena the fight is becoming more complex at an accelerated rate as the malware authors continue to create new ways of obfuscation.
Five PE Analysis Tools Worth Looking At
In the world of malware analysis, having the right tools can make all the difference. Fortunately, there are many to choose from.
Malicious Messages Foray Facebook
A trojan is circulating through Facebook stealing accounts and (probably) taking creds.