Malware analysis

In this part of the article series, we will look how we can look at the inner workings of a malware. In part 1 and part 2 we have worked on the behavioral analysis...

In Part 1, we have seen that how to perform behavioral analysis on a malicious specimen. In this article, we will look at another specimen and perform behavioral...

On August 15th, 2012, the Saudi Arabia's oil company, Saudi Aramco announced that its systems and its internal network were victims of a cyber-attack. According...

In this article series, we will learn about malware behavioral and code analysis. For part 1, I will cover behavioral analysis of one of the specimens. Behavioral...

The file is not packed. It has been written in MSVC (Possibly 2010). Following are the headers present in the PE structure. Below is the PEDUMP of the Trojan PE...

Binary starts fixing the API calls. After fixing up the imports, the Reg32 path is retrieved. Default heap is accessed, and Socket / MAC addresses are retrieved....

In August 2015, the researcher MalwareMustDie analyzed samples of a new ELF Trojan backdoor, dubbed ELF Linux/Mirai, specifically designed to target IoT...

In Part 1 of this article series, we had a look at the ways to recognize packed executables and various ways to automate the unpacking process. In this article,...

In this article series, we will learn about the characteristics possessed by a packed malware specimen and how to unpack them. In the unpacking section, we...

In the last couple of years, security firms have observed an increasing number of malware specifically designed to target Linux-based systems. Linux, like...