Showing posts with label malware. Show all posts
Showing posts with label malware. Show all posts
Tuesday, November 5, 2019

Brief analysis of Redaman Banking Malware (v0.6.0.2) Sample

Redaman is a well-known banking malware, discovered around 2015. Recently I have been analyzing a recent version of the malware (0.6.0.2, no...
2 comments:
Monday, July 29, 2019

Analysis of the Frenchy Shellcode

In this post I analyze a shellcode that I have named "Frenchy shellcode" because of the mutex that it creates (depending on the ve...
Monday, May 13, 2019

Quick Analysis of AgentTesla SMTP Variant Sample (dated 08-05-2019)

In this post I perform a quick analysis of a recent AgentTesla SMTP variant sample, paying special attention to the strings decryptor (most ...
Friday, March 22, 2019

Analysis of .Net Stealer GrandSteal (2019-03-18)

In this post I share my notes about the analysis of a sample (an stealer written in .Net) whose family is unknown to me (any feedback is wel...
1 comment:
Monday, March 18, 2019

Analysis of BlackMoon (Banking Trojan)'s Evolution, And The Possibility of a Latest Version Under Development

BlackMoon, also known as KrBanker, is a banking trojan that mainly targets South Korea. I thought this family was dead since time ago (aroun...
Tuesday, March 5, 2019

Quick Analysis of a Trickbot Sample with NSA's Ghidra SRE Framework

This post is not a deep analysis of TrickBot. Here, I did a quick analysis of a TrickBot sample from early 2019 by using the Ghidra Software...
Wednesday, January 2, 2019

Analysis of Neutrino Bot Sample (dated 2018-08-27)

In this post I analyze a Neutrino Bot sample. It was probably generated 2018-08-27. I will compare the analyzed Neutrino sample with the Nuk...