
1. Introduction Social media’s history precedes the 21st century and ever since then malevolent people have attempted to infiltrate the computers of innocent people using
BatchWiper is a very simplistic computer virus, but potentially very dangerous for the availability of the data contained within logical partitions managed by an infected
Trojan.Stabuniq was discovered very recently by Symantec. This type of malware appears to be targeting financial institutions (especially U.S. banks). Stabuniq is fundamentally an information-stealing
cmd.exe – Leveraging the command line for windows: malware analysis and forensics. Part I Abstract: The command prompt for windows is a dark horse
1. Introduction Yara is a tool that helps us identify and classify malware software samples by the use of rules. We can use Yara to
Windows is the most used operating system worldwide. I have met a lot of IT guys in my country and also other computer elites. My
Introduction Before trying to analyze any kind of malware, we need to have a proper environment set up, so we can be most efficient and
A lot of sniffers, rootkits, botnets, backdoor shells and malware are still in the wild today, which are used by malicious attackers after successfully pwning
In the last installment, we examined the PEB Loader Data Structure. We take up the discussion here. Locate and Isolate the Embedded Decrypted Executable Once
The AV industry is growing every day along with the underground industry that produces all types of malware from simple file infectors to more sophisticated
Another excellent publisher has offered up a generous sample of a book we’ve been talking about. This is Chapter 12 from Practical Malware Analysis – The
DNS is a naming system which converts human readable domain names into computer readable IP addresses. Whenever there is a query for a domain which
I have a pet hate. This is something that really annoys me when I get a new laptop, which if you ask my girlfriend is
Summary Android’s increasing popularity, combined with the possibility to create alternative markets, makes this platform a fertile ground for malware authors. While most of these
Malware comes in different sizes and shapes. Trojans, worms, viruses, downloaders, and others are becoming more common than common cold medicine. These malware are mixed
Introduction In this paper we are going to talk about the Anticloud Trojan, also known as the TrojanDropper:Win32/Bohu.A and B variant. This malware originated in China
Part One in a multi-part series on holistic, multi-disciplinary analysis and reversing. This post is based on a presentation I gave at the last Thotcon,
In the two years since the Win32/Olmarik family of malware programs (also known as TDSS, TDL and Alureon) started to evolve, its authors have implemented
On a daily basis, we are encountering thousands of new types of malware with unknown content. This malware can come from honeypots, infected websites or even
(quick plug – to all current & future reverse engineers – check out our Reverse Engineering Training Course. We’d love to publish your work next!) Part