Posts Taggedreverse engineeering

Breaking TA505’s Crypter with an SMT Solver

TA505 threat group use a crypter common to Clop/CryptoMix ransomware and others. We tear it down with a new unpacker utilizing SMT

Vitali Kremez revealing how TrickBot’s hooking engine targets Chrome, Firefox, Explorer and Edge in Windows 10

Daniel Bunce explains how to decrypt traffic between an attacker’s C2 and an endpoint infected with ISFB malware

Vitali Kremez dissecting the ‘Fin7’ malware chain that leverages malicious MS Office Macros and a JS loader.

Vitali Kremez diving into the FIN6 “FrameworkPOS”, targeting payment card data from Point-of-Sale (POS) or eCommerce systems.

Vitali Kremez explaining the RIG Exploit Kit and the infection chain internals that led to the Amadey Stealer and Clipboard Hijacker.

https://t.co/768Y2tyrlu COVID-19 Outbreak | Defending Against the Psychology of Fear, Uncertainty and Doubt | By Mo… https://t.co/SkrMdiplnX23 hours ago
How TrickBot Malware Hooking Engine Targets Windows 10 Browsers - https://t.co/p2p21c4jRi #SentinelLabs… https://t.co/s9zBoz2ckyyesterday
Our weekly news digest is now live! https://t.co/3CgPESD8aU | #Microsoft targets #hospitals with free help to i… https://t.co/lMYg3x1gscyesterday
Cyber criminals are ruthlessly exploiting COVID-19 fears with pandemic-related scams, phishing and malware campaign… https://t.co/HTPg1eqRrAyesterday

0 / 45