Binary Ninja Plugin: fix-stomped-imports
Recently, in response to a customer incident, we needed to reverse engineer a malware sample of WhiteRabbit ransomware that proved to be trickier than expected. As we'll see, this sample maps a PE [...]
In this series we’ll document a novel and as-yet-undocumented Virtual Machine detection trick for each month of 2021. These detection tricks will be focused on 64-bit Windows 10 or Windows Server 2019 guests, [...]
As part of our research into threats facing the marine and offshore sector, we recently uncovered an ongoing malware campaign. It makes use of specific maritime-industry-related document lures, and attempts to [...]
Commonly, malware will fingerprint the host it executes on, in an attempt to discover more about its environment and act accordingly. Part of this process is quite often dedicated to analyzing specific data [...]
We recently received an email which contained a malicious Word macro. Usually, the only thing that changes between malicious Office macros is the obfuscation that is used; e.g. changing variable names and splitting text strings. This [...]