Avast – Avast – MyKings is a long-standing and relentless botnet which has been active from at least 2016. Since then it has spread and extended its infrastructure so much…
Category: PC
BluStealer: from SpyEx to ThunderFox
Avast – Avast – Overview BluStealer is is a crypto stealer, keylogger, and document uploader written in Visual Basic that loads C#.NET hack tools to steal credentials. The family was…
DirtyMoe: Code Signing Certificate
Avast – Avast – Abstract The DirtyMoe malware uses a driver signed with a revoked certificate that can be seamlessly loaded into the Windows kernel. Therefore, one of the goals…
DirtyMoe: Rootkit Driver
Avast – Avast – Abstract In the first post DirtyMoe: Introduction and General Overview of Modularized Malware, we have described one of the complex and sophisticated malware called DirtyMoe. The…
Magnitude Exploit Kit: Still Alive and Kicking
Avast – Avast – If I could choose one computer program and erase it from existence, I would choose Internet Explorer. Switching to a different browser would most likely save…
Decoding Cobalt Strike: Understanding Payloads
Avast – Avast – Intro Cobalt Strike threat emulation software is the de facto standard closed-source/paid tool used by infosec teams in many governments, organizations and companies. It is also…
Backdoored Client from Mongolian CA MonPass
Avast – Avast – We discovered an installer downloaded from the official website of MonPass, a major certification authority (CA) in Mongolia in East Asia that was backdoored with Cobalt…
Crackonosh: A New Malware Distributed in Cracked Software
Avast – Avast – We recently became aware of customer reports advising that Avast antivirus was missing from their systems – like the following example from Reddit. From Reddit We…
DirtyMoe: Introduction and General Overview of Modularized Malware
Avast – Avast – The rising price of the cryptocurrency has caused a skyrocketing trend of malware samples in the wild. DDoS attacks go hand in hand with the mining…
Binary Reuse of VB6 P-Code Functions
Avast – Avast – Reusing binary code from malware is one of my favorite topics. Binary re-engineering and being able to bend compiled code to your will is really just…