TrickBot’s loader has received much less attention than other components of the malware. Jason Reaves shows how to reverse engineer the TrickLoader function
Browsing CategoryCrimeware
New Snake Ransomware Adds Itself to the Increasing Collection of Golang Crimeware
The ransomware crime spree continues with threat actors increasingly turning to Golang as their language of choice. New entrant Snake is just the latest
Top-Tier Russian Organized Cybercrime Group Unveils Fileless Stealthy “PowerTrick” Backdoor for High-Value Targets
SentinelLabs developed mock command-and-control panels to allow the institutions to utilize them for testing detections related to “PowerTrick”
Maze Ransomware Update: Extorting and Exposing Victims
Maze ransomware doesn’t just demand payment for a decryptor but exfiltrates victim data and threatens to leak it publicly if the target doesn’t pay up.
How TrickBot Malware Hooking Engine Targets Windows 10 Browsers
Vitali Kremez revealing how TrickBot’s hooking engine targets Chrome, Firefox, Explorer and Edge in Windows 10
Writing Malware Traffic Decrypters for ISFB/Ursnif
Daniel Bunce explains how to decrypt traffic between an attacker’s C2 and an endpoint infected with ISFB malware
Writing Malware Configuration Extractors for ISFB/Ursnif
Daniel Bunce demonstrating automated IOC extraction using a python script and an example of ISFB/Ursnif malware.
Info Stealers | How Malware Hacks Private User Data
Continuing our free Zero2Hero malware reverse engineering course, Daniel Bunce dives into the details of KPot, Vidar & Raccoon Info Stealers.
Detecting macOS.GMERA Malware Through Behavioral Inspection
New malware hits macOS with well-worn techniques. Can behavioral detection prevent attacks that evade legacy AV and built-in Apple security?
Trickbot Update: Brief Analysis of a Recent Trickbot Payload
In many ways, Trickbot parallels the evolution of contemporary threats (such as #Emotet) via its modular and expandable architecture. We took it for a test