Reverse Engineering and Virus Analysis
CVE-2024-23940: Ultra-Complex 0day APT Super Malware Proxy EXE
Recently, cybersecurity researchers Renato Garretón (@d Plastico) and Miguel Méndez (@s1kr10s) teamed up on a remarkable study and discovered that antivirus software contains some not-to-be-ignored...
A Reverse-Engineering Summary of the AES Algorithm (Starting from the WannaCry Ransomware Sample)
Overview: This article is roughly split into two parts. One briefly records some notes on WannaCry; the other is an IDA reverse-engineering code analysis of the low-level AES encryption algorithm used by the WannaCry ransomware sample...
[System Security] 55. Malware Analysis (7): IDA Python Basics and CFG Control-Flow Graph Extraction Explained [Part 1]
Thank you for your company in 2023; keep it up in 2024 ^_^ This series of articles will systematically organize and study in depth system security, reverse analysis and malicious code detection. The articles will be more focused, more systematic and more in-depth, and are also the author's slow...
AgentTesla Spyware Analysis
1. Basic Information: AgentTesla is a spyware family originating from Turkey that has remained active since its discovery in 2014, main...
OLLVM Bogus Control Flow Source Code Analysis
The runOnFunction function: if (ObfTimes <= 0) { errs()<<'BogusControlFlow application number -bcf_loop=x must be x > 0'; return fal...
Trigona Ransomware Attacker Using Mimic Ransomware
AhnLab SEcurity intelligence Center (ASEC) recently confirmed new activity in which the Trigona ransomware attacker installs Mimic ransomware. The attack identified this time ...
JAVA-Based Sophisticated Stealer Using Discord Bot as EventListener
Executive Summary: In mid-November 2023, Trellix Advanced Research Center team members observed a Java-based stealer being spread through cr...
Mexican Banks and Cryptocurrency Platforms Targeted With AllaKore RAT
Summary: A financially motivated threat actor is targeting Mexican banks and cryptocurrency trading entities with custom packaged installers de...
Kasseika Ransomware Deploys BYOVD Attacks, Abuses PsExec and Exploits Martini Driver
Following an increase in bring-your-own-vulnerable-driver (BYOVD) attacks launched by ransomware groups in 2023, the Kasseika ransomware is among t...
Parrot TDS: A Persistent and Evolving Malware Campaign
Executive Summary: A traffic direction system (TDS) nicknamed Parrot TDS has been publicly reported as active since October 2021. Websites with...