RootSmart Android Malware Analysis

Android’s increasing popularity, combined with the possibility to create alternative markets, makes this platform a fertile ground for malware authors. While most of these applications just exploit the inexperience of the average user that is looking for free software, others are pretty smart and use more sophisticated techniques to take, and keep, control of the […]

Shylock via volatility

Shylock is a new Financial Malware, publicly reported for the first time on 7 September 2011. Additional informations on can be checked out from Mila’s blogpost http://contagiodump.blogspot.com/2011/09/sept-21-greedy-shylock-financial.html Tools Volatility MHL Malware Plugins Timeliner,RegistryApi, evtlogs Plugins Essay Memory Acquisition First step is the Memory Acquisition that can be accomplished essentially in two ways, depending essentially by […]

Morto Malware Analysis

Today we’re going to analyze Morto.A a malware which, in this weeks, is spreading in many Internet places. It’s a worm that allows unauthorized access to an infected computer and tries to compromise administrator passwords for Remote Desktop connections, through RDP protocol, on a network. Indeed this threat infecting computers by targeting accounts that have […]

Carberp Reverse Engineering

We are going to talk about Trojan Banker Carberp from a Reverse Engineering point of view. Carberp is a Botnet delivered in the usual ways of Blackmarket selling, designed to be a Trojan Spy and specifically a Banker similar to SpyEye and ZeuS, able to perform Man in the Browser attacks, steal victim credentials, kill […]

Rootkit Banker Win64.Banker and Win32.Banker Analysis

Rootkit Banker Win64.Banker Reverse Engineering, this is the first rootkit able to steal banking account credentials even on x64 systems. We’ll take a look into the functionalities of this interesting rootkit, focusing mainly on the techniques used to disable UAC, to install the certificate and to steal information from the infected machines. Tools IDA Essay […]

How to Deal with Malware

With this brief tutorial, here at UIC we are going to open a new Reversing Chapter that follows the new challenge promptly emerged in the last years: Malware Reverse Engineering. This field is quite interesting and important for every serious RCE Community mostly because we are now facing an impressive boost of Malicious Executables and […]