Vasilios Hioureas
Malwarebytes Labs

Fileless malware: getting the lowdown on this insidious threat

| | file history, fileless infections, fileless malware, fileless malware attacks, Kovter, magnitude EK, Malware, poweliks, powershell, ram, samsam, samsam ransomware, semi-fileless, SOC team, Threat analysis, Windows
In this series of articles, we provide an in-depth discussion of fileless malware and their related attacks. In part one, we cover a brief overview of the problems with and general features of fileless malware, laying the groundwork for technical analysis of various samples employing fileless and semi-fileless methods. Categories: ... Read More
Malwarebytes Labs
Spartacus ransomware: introduction to a strain of unsophisticated malware

Spartacus ransomware: introduction to a strain of unsophisticated malware

| | Malware, Malware Analysis, Ransomware, Spartacus, Spartacus ransomware, Threat analysis
Spartacus ransomware is a fairly new variant seen in 2018. We'll walk you through the malware sample to analyze the code in detail, and help you learn how to get an obfuscated .NET sample into a readable state. Categories: Malware Threat analysis Tags: malware analysisransomwareSpartacusSpartacus ransomware (Read more...) The post ... Read More
Malwarebytes Labs
Encryption 101: decryption tool code walkthrough

Encryption 101: decryption tool code walkthrough

| | decryption tool, Malware, Threat analysis
In our final installment of the Encryption 101 series, we walk you through the source code of the Princess Locker decryption tool. Categories: Malware Threat analysis Tags: decryption toolencryption 101Princess Locker (Read more...) The post Encryption 101: decryption tool code walkthrough appeared first on Malwarebytes Labs ... Read More
Malwarebytes Labs
Encryption 101: Decryptor’s thought process

Encryption 101: Decryptor’s thought process

| | break encryption, decryptor, encrpytion functionality, encryption, Malware, PrincessLocker, Ransomware, security bloggers network, Threat analysis
In the previous parts 1, 2 and 3 of this series, we covered the basics of encryption, walked through a live example of a ransomware in detail, and talked about encryption weaknesses. In this part of the encryption 101 series, we will begin wrapping it up by going into detail ... Read More
Malwarebytes Labs
Encryption 101: How to break encryption

Encryption 101: How to break encryption

| | break encryption, encryption, encryption functionality, Malware, random number generator, security bloggers network, Threat analysis
Continuing on in our Encryption 101 series, we now look at what it takes to break encryption. In order for something as powerful as encryption to break, there needs to be some kind of weakness to exploit. That weakness is often a result of an error in implementation. Categories: Malware ... Read More
Malwarebytes Labs
Encryption 101: ShiOne ransomware case study

Encryption 101: ShiOne ransomware case study

| | encryption, encryption functionality, encryption methods, Malware, Ransomware, security bloggers network, ShiOne, ShiOne ransomware, Threat analysis
In this case study on ShiOne ransomware, part of our Encryption 101 series, we will be reviewing the encryption process line by line and showing the different methods ransomware can use to encrypt files. Categories: Malware Threat analysis Tags: encryptionencryption functionalityencryption methodsmalwareransomwareShiOneShiOne ransomware (Read more...) The post Encryption 101: ShiOne ... Read More
Malwarebytes Labs