Back for part 2, are we? Let’s get this show on the road. We’ve seen how awful the first piece of malware was in terms of how it was thrown together in all but 10 minutes, but you ain’t seen nothing yet. The next one actually embeds passwords inside and even email addresses. After that, […]
Some may say this is crazy, I call it Wednesday. This came across my desk yesterday and I worked it out today. It came as the payload following a Java exploit from an old 2012 CVE (SecurityManager one I think). I’m calling it 0day because there was no listing for the exe in VirusTotal / […]
Hello again fellow readers and security enthusiasts. The last post was filler and I’m sorry for that. Today we’re going to go over some typical malware, start to finish. Exploit to C&C communication. We start with our exploit file. Java of course. Most of the time when I encounter a Java file, it’s heavily obfuscated […]
Hello fellow readers! I thought I’d be nice and upload my talk slides as well as the code used and video. Slides Code Video Enjoy!
It happened again at work. This time twice the number of machines hit. The same people hit my company, and they took my advice when I last spoke to them – they obfuscated the executable to make it harder to perform a routine reverse engineering analysis. In this particular case, the obfuscation used was compiled […]
Howdy fellow crackers and hackers alike! Have I got a treat for you? A live botnet. The other day at work, I encountered a number of machines all attacking other hosts. Normally it’s just one machine, but this time there were several. We isolated the exe responsible because it was eating up 100% CPU (not exactly […]