• Subscribe to our RSS feed.
  • Twitter
  • StumbleUpon
  • Reddit
  • Facebook
  • Digg
  • Delicious

Anti-Malware Laboratory

Yet Another Malware Blog

About

An informal blog from your friendly neighborhood software security humans.

Blog Archive

  • ►  2015 (5)
    • ►  October (1)
    • ►  August (2)
    • ►  May (1)
    • ►  March (1)
  • ►  2014 (8)
    • ►  October (1)
    • ►  July (1)
    • ►  June (1)
    • ►  May (4)
    • ►  April (1)
  • ▼  2013 (12)
    • ▼  December (3)
      • A Hesperbot Core Analysis
      • PDF CVE-2013-5065 - Dropped BAD Malware
      • New PDF Exploit uses 2 new vuln's + JJencode
    • ►  November (5)
    • ►  August (2)
    • ►  March (2)
  • ►  2012 (35)
    • ►  April (4)
    • ►  March (12)
    • ►  February (17)
    • ►  January (2)

Categories

adobe (1) android (10) android february (1) baksmali (1) Black Hole (2) crimepack (1) disassembler (1) exploit (3) Exploits (4) Fakeav Winrar sfx (1) Fishbowl (1) flash (1) gift certificates (1) Google Authenticator (1) google play (1) hcp (1) java (1) Malware (5) mdac (1) Mobile (24) NSA Mobility Program (1) obfuscated script (1) pdf (1) Reversing (2) rhino (1) skype (1) smali (1) spam (1) test (1) Unpacking (1) vouchers (1) vulnerability (3)

Popular Posts

  • Bank of America spam: An Analysis
    An email claiming to be from Bank of America lures users to open an attachment that shows how to open secure emails from the bank. The mess...
  • [BE CAUTIOUS] Dragon Ball Z: Resurrection of F MALWARE and SCAM
    Be wary of downloading movies in torrent sites.  Executables can also be executed with a file size as huge as a gigabyte...
  • Unpacking MFC Compiled CryptoWall Malware
    Unpacking MFC Compiled CryptoWall Malware Introduction First and foremost, this article does not intend to analyze what CryptoWall malw...

Visitors to this blog

Thursday, December 26, 2013

A Hesperbot Core Analysis

Posted on Thursday, December 26, 2013 by Unknown | No comments
A Hesperbot Core Analysis Like most malware families, Hesperbot may originate in a spam email. Once executed, it will attempt to download its malicious modules through command-and-control (C&C) servers and monitor the activities of the infected computer. These “monitoring activities” may range from logging of keystrokes, recording of the screen, web browser hijacking...
Read More

Friday, December 6, 2013

PDF CVE-2013-5065 - Dropped BAD Malware

Posted on Friday, December 06, 2013 by Unknown | No comments
This malware is definitely created by a professional as it has an advance method of installing itself. And the malware author knows that what he/she created is BAD. 0x0BAD - Signature of ShellCode for data stealing. Installation This malware was dropped by a PDF file that takes advantage of a known vulnerability which results to Privilege Escalation. To maintain its...
Read More

Thursday, December 5, 2013

New PDF Exploit uses 2 new vuln's + JJencode

Posted on Thursday, December 05, 2013 by Unknown | No comments
Last week, a new zero-day exploit has been found in the wild. The exploit is a vulnerability that allows attackers to escalate privilege and execute code in kernel or ring0 mode. More details of the CVE-2013-5065 vulnerability can be found in this Microsoft website. After we got a sample of the supposed PDF that was used in the targeted attack,we immediately went to work...
Read More
Newer Posts Older Posts Home
Subscribe to: Posts (Atom)
volute-glacial
volute-glacial
 volute-glacial
volute-glacial
Copyright © 2025 Anti-Malware Laboratory | Powered by Blogger
Design by Fabthemes | Blogger Template by NewBloggerThemes.com