Author name: 0x0d4y

Reverse Engineer, Threat Hunter, Tech Lead and Star Wars Fan

Reverse Engineering

[BabbleLoader] A Deep Dive into EDR and Machine Learning-Based Endpoint Protection Evasion

Every now and then a group innovates in the malware market, and the BabbleLoader developers seem willing to do just that: not by discovering new evasion techniques, but by knowing how to combine existing ones to evade detection products that rely on machine learning (AI). This research will cover the following topics: Below is […]

Certification Review

Complete Course and Certification Review of Zero2Automated – The Advanced Malware Analysis

This post is a complete review of the Zero2Automated – The Advanced Malware Analysis course and of the certification exam available at the end of the course, delivered by 0ffset Training Solutions. About the Course: I won’t waste your time with obvious things that can be found in one of the links I attached above.

Reverse Engineering

[Case Study: Latrodectus] Analyzing and Implementing String Decryption Algorithms

This article has a slightly different objective from the last ones I published: it is not an analysis of a specific malware sample. Today’s article is a case study of the Latrodectus string decryption algorithm (analyzed in the previous research). The objective is to study how to identify a string decryption algorithm when reverse engineering

Detection Engineering, Reverse Engineering, Threat Hunting

Latrodectus [IceNova] – Technical Analysis of the… New IcedID… Its Continuation… Or its Replacement?

My first public malware research was on a strain of IcedID. A few months later, in my nighttime activities, I was working on a technical analysis of Sodinokibi (REvil), a ransomware that is no longer seen but is part of the evolutionary history of the business model we now know as RaaS. But, I

Detection Engineering, Reverse Engineering, Threat Hunting

IcedID – Technical Analysis of an IcedID Lightweight x64 DLL

My first public malware research was on a 32-bit PE stager (exe) from the IcedID family. In this research I analyzed three samples from different years, with the aim of identifying code reuse and developing a YARA signature capable of detecting any IcedID sample, based on fixed code patterns that persist over the years. So you

Detection Engineering, Reverse Engineering, Threat Hunting

Zero2Automated – Complete Custom Sample Challenge Analysis

The road so far… In this post I will analyze the custom sample from the Zero2Automated: The Advanced Malware Analysis course, which is presented to us when we reach the halfway point of the course. At this point, the course has already explored, in a deep and practical way, subjects such as Cryptography Algorithms, Unpacking

Detection Engineering, Malware Analysis, Reverse Engineering

IcedID – Technical Malware Analysis [Second Stage]

In this report I will technically analyze the new IcedID malware, going deep into reverse engineering, debugging and detection engineering. Introduction: IcedID is a banking malware designed to steal financial information from its victims. IcedID is also known in MITRE ATT&CK as S0483 and has been around since 2017. IcedID has
