Analyse, hunt and classify malware using .NET metadata
March 25, 2024, 7:21 p.m. | MalBot
Malware Analysis, News and Indicators - Latest topics malware.news
Introduction
Earlier this week, I ran into a sample that turned out to be PureCrypter, a loader and obfuscator for all different kinds of malware such as Agent Tesla and RedLine.
Upon further investigation, I developed Yara rules for the various stages, which can be found here (excluding the final payload):
- PureZip
- PureCrypter
- 2nd stage downloader (PureLogStealer related)
With that out of the way, all of this reminded me of the fact that we can also write Yara rules …