Sorry for the longer than expected delay, occasionally the Dridex group will take the servers offline during the weekend and resume normal operations on Monday;

In the previous article we went over how to dump the names of the majority of functions Dridex resolves dynamically to complicate analysis. Today we will

Due to popular request I’m starting a new reverse engineering article series which will detail how I go about analyzing various samples, instead of just

While I was reverse engineering ZeroAccess in order to write a monitoring system, I had an idea which would allow me to use ZeroAccess C&C

Last week I received a tip about a sample displaying some indication that it could be peer-to-peer (a large amount of UDP traffic being sent to

Usually I don’t blog about the hundreds of ridiculous or downright crazy emails I receive each year, but this exchange makes all the others

Here is an interesting article I found this week, it’s about how a researcher released two pieces of ‘educational’ ransomware which were secretly backdoored in

Peer to Peer and Everything In between Back in October I’d gotten bored of the endless stream of cryptolockers and PoS trojans, so decided to

In the recent years I’ve noticed a shift in the malware economy from botnets to ransomware, which is likely due to the AV industry employing

Finally I managed to put together a computer capable of running Device Guard and I’ve had a little bit of time to play around with