King Ouroboros is a family of ransomware that encrypts files, appends the .[id=XXXXXXXXXX][[email protected]].limbo extension, and drops a ransom note file, Read-Me-Now.txt.
Jacksbot is a multi-platform backdoor that can run on multiple operating systems because it is a Java application. Jacksbot can also be described as a RAT (Remote Access Tool), as it is able to connect to a command and control server. It has a limited set of commands associated but is enough to make a […]
NetWiredRC is a trojan used by the APT33 group that allows unauthorized remote access to and control of an affected computer. An attacker can perform more than 100 different actions on an infected computer using this remote access tool. This article includes an analysis of the entire command and control structure of the malware. In this specific version of […]
In this blog post, I am going to show you how to manually unpack any packed executable. Malware authors and commercial software authors pack their executables to make them unreadable and to make it difficult for analysts and reverse engineers to analyse and reverse the application. But anyhow the application will have to unpack itself in […]
There is always something that might go wrong because of a simple mistake while analysing a malicious sample. You should always be careful, as it might get you into serious trouble. In this blog post, I will try to mention all the precautions you should take to stay on the safe side and some […]