Stego Malware And DotNet

Greetings and salutations. Today I’m going to be going over some malware I found in the wild. I found it after doing a search for ‘hack’ on the ‘rapidshare’ section of 4chan. With the name ‘SteamHackCount.exe’, being about 350 kb, and having the Apple icon? Totally legit right??? Opening the program in IDA showed the […]

Restoring McAfee BUP Files

Hello fellow readers, it’s been a while since I’ve posted. Today at work I was going over malware already flagged by McAfee and sent to the quarantined folder. The way McAfee encrypts / encodes its quarantined files is pretty basic – XOR (exclusive OR) on each byte by the value of 0x6a (106 in decimal). […]

Reversing a Botnet

Howdy fellow crackers and hackers alike! Have I got a treat for you? A live botnet. The other day at work, I encountered a number of machines all attacking other hosts. Normally it’s just one machine, but this time there were several. We isolated the exe responsible because it was eating up 100% CPU (not exactly […]