Collaborate Disseminate
Today I’d like to share the following reverse engineering path since it ended up to be more complex respect what I thought. The full path took me about hours work and the sample covers many obfuscation steps and implementation languages. During the an… Continue reading Interesting hidden threat since years ?
I published the following diary on isc.sans.org: “Simple Analysis of an Obfuscated JAR File“. Yesterday, I found in my spam trap a file named ‘0.19238000 1509447305.zip’ (SHA256: 7bddf3bf47293b4ad8ae64b8b770e0805402b487a4d025e31ef586e9a52add91). The ZIP archive contained a Java archive named ‘0.19238000 1509447305.jar’ (SHA256: b161c7c4b1e6750fce4ed381c0a6a2595a4d20c3b1bdb756a78b78ead0a92ce4). The file had a score of 0/61 in VT and
[The post [SANS ISC] Simple Analysis of an Obfuscated JAR File has been first published on /dev/random]
Continue reading [SANS ISC] Simple Analysis of an Obfuscated JAR File
Continuing with the never ending series of malware email attachments is an email with the subject of payment slip coming or pretending to come from random companies, names and email addresses with an ACE attachment ( ACE files are a sort of zip file that normally needs special software to extract. Windows … Continue reading → Continue reading fake swift copy notification payment slip malspam with an ACE attachment delivers malware and a jrat Trojan
Continuing with the never ending series of malware email attachments is an email with the subject of payment slip coming or pretending to come from random companies, names and email addresses with an ACE attachment ( ACE files are a sort of zip file that normally needs special software to extract. Windows … Continue reading → Continue reading fake swift copy notification payment slip malspam with an ACE attachment delivers malware and a jrat Trojan
A rash of Java-based remote access Trojans is targeting tax filers with bogus IRS attachments. Continue reading Wave of Java-Based RATs Target Tax Filers