Fileless malware: getting the lowdown on this insidious threat

In this series of articles, we provide an in-depth discussion of fileless malware and its related attacks. In part one, we cover a brief overview of the problems with and general features of fileless malware, laying the groundwork for technical analysis of various samples employing fileless and semi-fileless methods.
Spartacus ransomware: introduction to a strain of unsophisticated malware


Spartacus ransomware is a fairly new variant seen in 2018. We'll walk you through the malware sample to analyze the code in detail, and help you learn how to get an obfuscated .NET sample into a readable state. Categories: Malware, Threat analysis. Tags: malware analysis, ransomware, Spartacus, Spartacus ransomware.
Encryption 101: decryption tool code walkthrough


In our final installment of the Encryption 101 series, we walk you through the source code of the Princess Locker decryption tool. Categories: Malware, Threat analysis. Tags: decryption tool, encryption 101, Princess Locker. The post Encryption 101: decryption tool code walkthrough appeared first on Malwarebytes Labs.
Encryption 101: Decryptor’s thought process


In the previous parts 1, 2 and 3 of this series, we covered the basics of encryption, walked through a live example of ransomware in detail, and talked about encryption weaknesses. In this part of the Encryption 101 series, we will begin wrapping it up by going into detail ...
Encryption 101: How to break encryption


Continuing on in our Encryption 101 series, we now look at what it takes to break encryption. In order for something as powerful as encryption to break, there needs to be some kind of weakness to exploit. That weakness is often a result of an error in implementation. Categories: Malware ...
Encryption 101: ShiOne ransomware case study


In this case study on ShiOne ransomware, part of our Encryption 101 series, we will be reviewing the encryption process line by line and showing the different methods ransomware can use to encrypt files. Categories: Malware, Threat analysis. Tags: encryption, encryption functionality, encryption methods, malware, ransomware, ShiOne, ShiOne ransomware.
Encryption 101: a malware analyst’s primer


A primer on encryption mechanisms and how they are exploited by malware authors, including an introduction to encryption and the main methods used to encrypt ransomware. Categories: Threat analysis. Tags: encryption, ransomware. The post Encryption 101: a malware analyst’s primer appeared first on Malwarebytes Labs.