Gozi V3: tracked by their own stealth

Credit to Author: sophoslabsbehavioural| Date: Tue, 24 Dec 2019 09:00:32 +0000

Gozi, also known as Ursnif or ISFB, is a banking trojan that has been around for a long time, and multiple variations of the trojan are currently circulating after its source code was leaked. Every variant that is distributed has interesting aspects, with Gozi version 3 the most eye-catching in the field of detection evasion. […]


Diamond Fox – part 1: introduction and unpacking

Credit to Author: Malwarebytes Labs| Date: Fri, 17 Mar 2017 15:00:41 +0000

In this short series of posts, we will take a deep dive into a sample of Diamond Fox delivered by the Nebula Exploit Kit (described here). We will also make a brief comparison with the old, leaked version, in order to show the evolution of this product.


The post Diamond Fox – part 1: introduction and unpacking appeared first on Malwarebytes Labs.
