Posts
-
Locky Ransomware Dropper - XOR Encoding, Regex, Scheduled Tasks
JavaScript-based Locky ransomware dropper that utilises iterative XOR encoding, regex, scheduled tasks and registry keys.
-
Mordor Ransomware Dropper - Obfuscated Javascript with Hidden Payloads
JavaScript malware dropper that retrieves and executes a Mordor ransomware payload. Utilises a few basic anti-automation techniques.
-
Carbanak Ransomware Dropper - Obfuscated Javascript with Hidden Powershell Payload
Malware dropper that uses obfuscated JavaScript to execute PowerShell commands and drop a Carbanak ransomware payload.
-
Cerber Ransomware Dropper - Custom XOR routine with Regex, XOR and many charcodes
Malware dropper utilising some interesting custom routines for obfuscating a final payload: regex, XOR and charcodes.
-
Teslacrypt Malware Dropper with IOC Extraction
Reverse engineering a basic JavaScript malware dropper that retrieves a Teslacrypt payload.
-
Javascript Malware Dropper
Reverse engineering a well-obfuscated JavaScript malware dropper that retrieves a malicious binary payload.
-
Javascript Malware Dropper
De-obfuscating a nicely obfuscated JavaScript malware dropper. Utilises registry key checks and a bit of math.