Posts Tagged ‘decryption’

Zbot family runs on selected systems only

Apr

2013

It is pretty usual when you try to analyze some malware that does not run in virtual machine or emulator. Using usually very well known tricks it can prevent itself from being analyzed. But what if it does not run even on real computer? The following sample, part of the zbot family, uses volume CLSID […]

Category General Written by AVG Blogs 0 Comments

The owls are not what they seem

Aug

2012

Sometimes malware really doesn’t want to be analyzed by researchers and analysts, and refuses to run in a testing environment or when being debugged. Today, we will look into one sample which does even more and completely changes its behavior when being analyzed. Actually, it pretends to be just ordinary backdoor probably to discourage malware […]

Category General Written by AVG Blogs 0 Comments

W32.Morto.B – Morto Adds File Infection to its Arsenal

Jul

2012

W32.Morto first surfaced in August 2011 causing a stir when it targeted weak passwords on Remote Desktop Protocol Connections in order to propagate across networks. W32.Morto.B, the new variant, now has the ability to infect executable files on a compromised computer. Let’s take a look at the infected files in a bit more detail. Figure […]

Category General Written by Symantec Security Response Blog 0 Comments

The Latest in IT Security

Posts Tagged ‘decryption’

Zbot family runs on selected systems only

The owls are not what they seem

W32.Morto.B – Morto Adds File Infection to its Arsenal

Categories

Featured

Archives

Latest Comments

About Us

Contact Us