The new maxtrilha trojan is being disseminated and targeting several banks
A new banking trojan dubbed maxtrilha (due to its encryption key) has been discovered in the last few days and targeting customers of European and…
Categoria: reverse engineering
Netwalker ransomware full analysis
Netwalker is a data encryption malware that represents an evolution of the well-known Kokoklock ransomware and has been active since September 2019. This article will detail the specific technical features of the Netwalker ransomware. We will analyze what Netwalker is, how it works, and how you can avoid falling victim to this threat.
Ragnar Locker – Malware analysis
Ragnar Locker is ransomware that affects devices running Microsoft Windows operating systems. It was initially observed towards the end of December 2019 as part of a series of attacks against compromised networks.
Secrets behind the Lazarus’s VHD ransomware
Data encryption malware is one of the most popular malware families in recent years and targets mass volumes of users and companies around the world. In this article, we will take a deep dive into a new VHD ransomware distributed in the wild by the Lazarus group — the criminals behind the WannaCry incident in 2017.
The clandestine Horus Eyes RAT: From the underground to criminals’ arsenal
The clandestine Horus Eyes RAT: From the underground to criminals’ arsenal.
A taste of the latest release of QakBot
A taste of the latest release of QakBot – one of the most popular and mediatic trojan bankers active since 2007.
Latin American Javali trojan weaponizing Avira antivirus legitimate injector to implant malware
Latin American Javali trojan weaponizing Avira antivirus legitimate injector to implant malware.
Lampion trojan disseminated in Portugal using COVID-19 template
The fresh release of the Latin American Lampion trojan was updated with a new C2 address. Lampion trojan disseminated in Portugal using COVID-19 template.
Threat analysis: The emergent URSA trojan impacts many countries using a sophisticated loader
Threat analysis: The emergent URSA trojan impacts many countries using a sophisticated loader.
New release of Lampion trojan spreads in Portugal with some improvements on the VBS downloader
New release of Lampion trojan spreads in Portugal with some improvements on the VBS downloader.
TroyStealer – A new info stealer targeting Portuguese Internet users
TroyStealer – A new info stealer targeting Portuguese internet users.
In-depth analysis of a trojan banker impacting Portugal and Brazil
In-depth analysis of a trojan banker impacting users in Portugal and Brazil at the end of May 2020.
Trojan Lampion is back after 3 months
Trojan Lampion is back after 3 months. The malware was observed last days with a new obfuscation layer, new C2, and distributed inside an MSI file.
Brazilian trojan banker is targeting Portuguese users using browser overlay
Brazilian trojan banker is targeting Portuguese users using browser overlay.