November 28, 2017
A screen locker is malware whose primary purpose is to lock the victim's screen by displaying a fearful message designed to invoke a high level of f
March 22, 2017
In this second article on the dropper, we will resume our analysis right where we left off: the decryption of the key and data. After the decryption, two str
March 13, 2017
Avatar was first detected by ESET circulating in the wild in early 2013 [1]. However, no samples were collected for analysis until May of the same year. ESET
August 26, 2016
In the previous part, we stopped right at the decision of which approach to use to encrypt the data, i.e. either Petya or Mischa. In this article, we wi
July 20, 2016
Introduction: What makes Petya a special ransomware is that it doesn't aim to encrypt each file individually, but aims for low-level disk encryption. In this
January 11, 2016
Introduction: In the second part of this analysis, we will be exploring how Pony steals data and how it sends it to the C&C server. We are equally intere
December 3, 2015
Introduction: A stealer is a type of malware that looks for passwords stored on the machine and sends them remotely (e.g. mail, HTTP) to an attacker. Most st
September 29, 2015
In code obfuscation, a virtual machine is a mechanism used to execute a different instruction set than the one used by the machine that runs the program. For exa
August 30, 2013
Introduction: A key generator or a Keygen is a computer program that will generate a valid "Product Serial or Key" in order to completely register a soft