Dropper – Page 2 – WindowsTechs.com

Fin7 Cybergang Retools With New Malicious Code

Posted on October 11, 2019 by Lindsey O'Donnell

A new dropper and payload show that Fin7 isn’t going anywhere despite a crackdown on the infamous group by law enforcement in 2018. Continue reading Fin7 Cybergang Retools With New Malicious Code→

HQWar: the higher it flies, the harder it drops

Posted on October 2, 2019 by Victor Chebyshev

Now one can say that only the lazy did not use Hqwar: Kaspersky’s collection of viruses features over 200,000 Trojans packed using Hqwar. Continue reading HQWar: the higher it flies, the harder it drops→

Hello! My name is Dtrack

Posted on September 23, 2019 by Konstantin Zykov

When we first discovered ATMDtrack, we thought we were just looking at another ATM malware family. Now we can add another family to the Lazarus group’s arsenal: ATMDtrack and Dtrack. Continue reading Hello! My name is Dtrack→

Malicious App on Google Play Tallies 100 Million Downloads

Posted on August 27, 2019 by Tom Spring

Seemingly handy PDF and OCR app turns out to be a privacy horror show. Continue reading Malicious App on Google Play Tallies 100 Million Downloads→

[SANS ISC] Simple Mimikatz & RDPWrapper Dropper

Posted on August 23, 2019 by Xavier

I published the following diary on isc.sans.edu: “Simple Mimikatz & RDPWrapper Dropper“: Let’s review a malware sample that I spotted a few days ago. I found it interesting because it’s not using deep techniques to infect its victims. The initial sample is a malicious VBScript. For a few weeks, I started

[The post [SANS ISC] Simple Mimikatz & RDPWrapper Dropper has been first published on /dev/random]

Continue reading [SANS ISC] Simple Mimikatz & RDPWrapper Dropper→

Turla renews its arsenal with Topinambour

Posted on July 15, 2019 by GReAT

2019 has seen the Turla actor actively renew its arsenal. Its developers are still using a familiar coding style, but they’re creating new tools. Here we’ll tell you about several of them, namely “Topinambour” and its related modules. Continue reading Turla renews its arsenal with Topinambour→

New FormBook Dropper Harbors Obfuscation, Persistence

Posted on June 12, 2019 by Lindsey O'Donnell

Never-before-seen dropper found in FormBook samples that has increased persistence and obfuscation capabilities. Continue reading New FormBook Dropper Harbors Obfuscation, Persistence→

Platinum is back

Posted on June 5, 2019 by Andrey Dolgushev

In June 2018, we came across an unusual set of samples spreading throughout South and Southeast Asian countries targeting diplomatic, government and military entities. Continue reading Platinum is back→

Mains Power Supply for ATtiny Project is Probably a Bad Idea

Posted on April 2, 2019 by Dan Maloney

When designing a mains power supply for a small load DC circuit, there are plenty of considerations. Small size, efficiency, and cost of materials all spring to mind. Potential lethality seems like it would be a bad thing to design in, but that didn’t stop [Great Scott!] from exploring capacitive …read more

Continue reading Mains Power Supply for ATtiny Project is Probably a Bad Idea→

Mobile malware evolution 2018

Posted on March 5, 2019 by Victor Chebyshev

Users of mobile devices in 2018 faced what could be the strongest cybercriminal onslaught ever seen. Over the course of the year, we observed both new mobile device infection techniques and a step-up in the use of tried-and-tested distribution schemes (for example, SMS spam). Continue reading Mobile malware evolution 2018→