-
Although IDA now has a fix for disassembly desynchronization, the fix inadvertently makes another anti-disassembly technique more stealthy and can also be used to hide instructions. Find out more in this post: https://github.com/yellowbyte/analysis-of-anti-analysis/blob/master/research/the_return_of_disassembly_desynchronization/the_return_of_disassembly_desynchronization.md …
#antianalysis #BinaryNinja #IDA
-
According to BetaBot malware if you have #7Zip installed you are a threat to the botnet.... #AntiAnalysis #AntiDebug pic.twitter.com/EqjNHTIVaK
-
As @killamjr noticed, #magecart’s malicious JavaScript is hosted in googlead. Tech is still active in some online stores and was modified in the last two weeks. Magecart is using an #AntiAnalysis technique with an infinite loop executing the debugger statement. pic.twitter.com/9wI3lMNMV6
-
Looks like the start to a very nice resource on anti-analysis techniques. Nice work @YellowbyteRE. http://ow.ly/SlNz30ksXyC #antianalysis
-
#AgentTesla hit Oil companies using "Total Oil" themed Campaign. Read about its #antianalysis tricks on: https://blog.yoroi.company/research/commodity-malware-reborn-the-agenttesla-total-oil-themed-campaign/ … @GranetMan @_odisseus @securityaffairs @shotgunner101 @__SPX__ @executemalware @pmelson @MalwarePatrol @FBussoletti @TheHackersNews @kondencuotas
-
Other #antianalysis techniques in this #Hawkeye malware, thanks to its Complex #VisualBasic #Packer! Read more on: https://blog.yoroi.company/research/anti-debugging-techniques-from-a-complex-visual-basic-packer/ … @GranetMan @_odisseus @securityaffairs @hacker_journal @shotgunner101 @__SPX__ @executemalware @pmelson @MalwarePatrol @FBussoletti
-
Gootkit packs plenty of Anti-Analysis features to evade sandboxes, prevent execution in a Virtual Machine, and slow down analysis. Let's take a dive inside! https://labs.sentinelone.com/gootkit-banking-trojan-deep-dive-anti-analysis-features/ … | By @0verfl0w_ #Gootkit #Banking #Trojan #DeepDive #threatIntel #AntiAnalysis #SentinelLabs
-
Enterprise_ITS: BayComputing: #Rombertik and the Rise of #SelfAware #Malware - The #AntiEvasion #AntiAnalysis Diff… pic.twitter.com/HLFUWNdZZk
-
#Ukrainian #SCADA #Malware detects nop'd Sleep API calls via GetTickCount & shuts down #infosec #DFIR #AntiAnalysis pic.twitter.com/RVsZt9YoY2
-
http://j.mp/2bEx14y (Ab)used As Anti-Analysis Technique http://j.mp/2bEwEqY #malware #security #antianalysis pic.twitter.com/rG5xj2DrNs
-
@JimmyKempski Evidently Foles should be starting is a thing... #yikes #antianalysis
-
#Antianalysis technique for PE Analysis Tools –INT Spoofing– http://blog.jpcert.or.jp/2017/01/anti-analysis-t-24b9.html …
-
Proofpoint: New modular downloaders fingerprint systems - Part 1: Marap https://www.proofpoint.com/us/threat-insight/post/new-modular-downloaders-fingerprint-systems-prepare-more-part-1-marap … #security #AntiAnalysis
-
Gootkit Banking Trojan | Part 2: Persistence & Other Capabilities https://www.sentinelone.com/blog/gootkit-banking-trojan-persistence-other-capabilities/ … #Gootkit #Banking #Trojan #AntiAnalysis #sysinternals #infosec #malware #CyberSecurity by @0verfl0w_ #zero2hero pic.twitter.com/m1KJKcIFBu
-
Anyone reproduce the Turla emulation check using SetupDiGetClassDevs? It should return 0xE000021A from what I read but passing args of 0,0,0,0xFFFFFFFF seems to always return a handle value of FFFFFFFF. Testing in Win10.
#Turla #malware #antianalysis
-
Gootkit Banking Trojan | Deep Dive into Anti-Analysis Features https://www.sentinelone.com/blog/gootkit-banking-trojan-deep-dive-anti-analysis-features/ … #Gootkit #Banking #Trojan #AntiAnalysis #sysinternals #infosec #malware #CyberSecurity pic.twitter.com/NPRGFkHyYl
-
The Fortinet study reveals continued increase in cyberattacks http://ow.ly/Xlv250vD2lp #Cybersecurity #Cybercriminals #Cyberattacks #Evasion #AntiAnalysis #Ransomware #Fortinet