Malware analysis

Andromeda, also known as Win32/Gamarue, is an HTTP based botnet. It was first spotted in late 2011, and is still at this moment used a lot in herding. It has...

Part One of this series was a very basic level, and had only thrown light on what Moose Malware actually is, as well as its components and related IoC's. In...

Lethic is a spam botnet consisting of an estimated 210 000 - 310 000 individual machines which are mainly involved in pharmaceutical and replica spam. At the...

In this article series, we will learn about a famous Linux family of malware known as MOOSE, which is used to steal unencrypted traffic over the wire and infect...

So far, in the previous articles, we learnt how to exploit an application remotely. We ran the Python script directly on the Machine B, which was the attacker...

All the Stuff  You Know Before Starting Research Malware research contains a lot of information like reverse engineering, exploit-kit, exploit analysis, botnet...

Kuluoz, aka Asprox, is a spam botnet that emerged in 2007. It has been known for sending mass of phishing emails used in conjunction with social engineering...

In this article, we will learn briefly about the various windows functions commonly encountered by malware analysts. Accept: This function is used to...

In this article, we will learn about a malware known as Mumblehard which is known for targeting Linux and BSD OS. This malware opens a backdoor that gives...

As we have covered the malware analysis basics with static techniques here, this post is all about performing the basic analysis of malware using dynamic technique. As...