EternalPetya – yet another stolen piece in the package?

Credit to Author: Malwarebytes Labs| Date: Fri, 30 Jun 2017 16:53:36 +0000

Since 27 June we have been investigating the outbreak of the new Petya-like malware armed with an infector similar to WannaCry. From day one, various contradictory theories started popping up. Some believed that it is a rip-off of the original Petya, others that it is another step in its evolution. So far, however, those were just different opinions, and none of them was backed up with enough evidence. In this post, we will try to fill this gap by making a step-by-step comparison of the current kernel and the one on which it is based (Goldeneye Petya).

The post EternalPetya – yet another stolen piece in the package? appeared first on Malwarebytes Labs.

LatentBot piece by piece

Credit to Author: Malwarebytes Labs| Date: Thu, 08 Jun 2017 15:00:53 +0000

LatentBot is a multi-modular Trojan written in Delphi and known to have been around since 2013. Recently, we captured and dissected a sample distributed by RIG Exploit Kit. In this post we will describe its modules by taking apart several layers of obfuscation and encryption in order to reveal their true nature.

The post LatentBot piece by piece appeared first on Malwarebytes Labs.

Explained: Sage ransomware

Credit to Author: Malwarebytes Labs| Date: Wed, 29 Mar 2017 15:00:24 +0000

Sage is yet another ransomware that has become a common threat nowadays. Like Spora, it is capable of encrypting files offline. The malware is actively developed, and we are currently facing an outbreak of version 2.2 of this product.

The post Explained: Sage ransomware appeared first on Malwarebytes Labs.

Goldeneye Ransomware – the Petya/Mischa combo rebranded

Since March 2016 we have observed the evolution of an interesting low-level ransomware, Petya. Now we are facing an outbreak of the fourth version – this time under a new name, Goldeneye, and, appropriately, with a new, golden theme.
