• Subscribe to our RSS feed.
  • Twitter
  • StumbleUpon
  • Reddit
  • Facebook
  • Digg
  • Delicious

Anti-Malware Laboratory

Yet Another Malware Blog

About

An informal blog from your friendly neighborhood software security humans.

Blog Archive

  • ►  2015 (5)
    • ►  October (1)
    • ►  August (2)
    • ►  May (1)
    • ►  March (1)
  • ►  2014 (8)
    • ►  October (1)
    • ►  July (1)
    • ►  June (1)
    • ►  May (4)
    • ►  April (1)
  • ▼  2013 (12)
    • ►  December (3)
    • ▼  November (5)
      • Upatre - Zbot downloader in a Spam
      • CryptoLocker - a Ransomware
      • DETAILED ANALYSIS OF Trojan.Win32.Duqu: The Key Lo...
      • CVE 2013 3918 - Another zero day?
      • CIDOX Bootkit
    • ►  August (2)
    • ►  March (2)
  • ►  2012 (35)
    • ►  April (4)
    • ►  March (12)
    • ►  February (17)
    • ►  January (2)

Categories

adobe (1) android (10) android february (1) baksmali (1) Black Hole (2) crimepack (1) disassembler (1) exploit (3) Exploits (4) Fakeav Winrar sfx (1) Fishbowl (1) flash (1) gift certificates (1) Google Authenticator (1) google play (1) hcp (1) java (1) Malware (5) mdac (1) Mobile (24) NSA Mobility Program (1) obfuscated script (1) pdf (1) Reversing (2) rhino (1) skype (1) smali (1) spam (1) test (1) Unpacking (1) vouchers (1) vulnerability (3)

Popular Posts

  • Bank of America spam: An Analysis
    An email claiming to be from Bank of America lures users to open an attachment that shows how to open secure emails from the bank. The mess...
  • [BE CAUTIOUS] Dragon Ball Z: Resurrection of F MALWARE and SCAM
    Be wary of downloading movies in torrent sites.  Executables can also be executed with a file size as huge as a gigabyte...
  • Unpacking MFC Compiled CryptoWall Malware
    Unpacking MFC Compiled CryptoWall Malware Introduction First and foremost, this article does not intend to analyze what CryptoWall malw...

Visitors to this blog

Monday, November 18, 2013

Upatre - Zbot downloader in a Spam

Posted on Monday, November 18, 2013 by Unknown | No comments
This trojan comes as a spam email. Here are sample spam emails: Like some CryptoLocker samples, this trojan uses a very similar decryption method. It uses VirtualAlloc to allocate memory space where it will decrypt the embedded PE Image, and then calls VirtualProtect so that it can overwrite itself with the newly decrypted PE Image and then passes the control to it. Here's...
Read More

Sunday, November 17, 2013

CryptoLocker - a Ransomware

Posted on Sunday, November 17, 2013 by Unknown | No comments
What is a Ransomware? A ransomware is a malicious program that encrypts all of document, picture and movie files in a computer. And to be able to decrypt them, the user must pay the malware author for some amount of money. CryptoLocker This ransomware, once executed, will search for document files that it targets and encrypt them using an RSA algorithm. And the user may pay...
Read More

Thursday, November 14, 2013

DETAILED ANALYSIS OF Trojan.Win32.Duqu: The Key Logger Module

Posted on Thursday, November 14, 2013 by Unknown | No comments
INTRODUCTION Duqu malware is a collection of malware components that together provide services to attackers. It may arrive as a Microsoft Word (.doc) that exploits Win32k TrueType font parsing engine and allows execution. This document will be solely focused on the key logger component of Duqu. SUMMARY The file in study is the info stealer/key logger component “a...
Read More
Newer Posts Older Posts Home
Subscribe to: Posts (Atom)
volute-glacial
volute-glacial
 volute-glacial
volute-glacial
Copyright © 2025 Anti-Malware Laboratory | Powered by Blogger
Design by Fabthemes | Blogger Template by NewBloggerThemes.com