Nowadays as more and more people are aware of malware infections, untrusted executable file is less likely to be executed by the user. Except when the executable is trusted, signed by a known company, or from a well-known software vendor for example. But even when the executable file is signed it might not be safe […]
Amidst my usual adventure with Android malware analysis, I saw this snippet of code while skimming through a particular sample’s class modules. Figure 1 Late last year, I was looking deeper into Portable Network Graphics (PNG) image format, especially about the fields that hold textual information. Upon seeing the code, it immediately triggered my suspicion […]
W32.Xpaj.B is one of the most complex and sophisticated file infectors Symantec has encountered. In an older blog post, Piotr Krysiuk calls it an “upper crust file infector.” He describes several different approaches that the infector uses to increase the difficulty in detecting infected samples. The techniques W32.Xpaj.B uses to conceal itself within an executable […]
Latest Comments