This is a loose sequel to the Cutwail botnet analysis blog post published on malwaremustdie.blogspot.com. In this blog post I will primarily focus on the downloaded PE executable itself (SHA256: 5F8FCC9C56BF959041B28E97BFB5DB9659B20A6E6076CFBA8CB2D591184C9164) and the network traffic that it generates. I will also reveal a hidden C&C server. But first let’s quickly go through the things it does at […]