The King is Dead, Long Live MyKings! (Part 1 of 2)

Avast –  Avast –  MyKings is a long-standing and relentless botnet which has been active from at least 2016. Since then it has spread and extended its infrastructure so much…

DirtyMoe: Code Signing Certificate

Avast –  Avast –  Abstract The DirtyMoe malware uses a driver signed with a revoked certificate that can be seamlessly loaded into the Windows kernel. Therefore, one of the goals…

DirtyMoe: Rootkit Driver

Avast –  Avast –  Abstract In the first post DirtyMoe: Introduction and General Overview of Modularized Malware, we have described one of the complex and sophisticated malware called DirtyMoe. The…

DirtyMoe: Introduction and General Overview of Modularized Malware

Avast –  Avast –  The rising price of the cryptocurrency has caused a skyrocketing trend of malware samples in the wild. DDoS attacks go hand in hand with the mining…

Binary Reuse of VB6 P-Code Functions

Avast –  Avast –  Reusing binary code from malware is one of my favorite topics. Binary re-engineering and being able to bend compiled code to your will is really just…