
RegView – Exploring hidden Windows registry data

A long time ago I came across Trojan.Poweliks. Its low detection rate, file-less nature and interesting persistence method made me think about the question: “is there a freely available tool that allows displaying hidden registry values?” Tremendous research has been performed by Security Response; if you want to get […]


VBS.Dunihi

My first look at VBS.Dunihi. Some weeks ago I got two samples of VBS.Dunihi, so I decided to have a quick look. Obviously almost all AV vendors had no detection for it. I am pretty sure that there are plenty of reviews of this malware on the web already … but every time I decide to […]


W97.DOWNLOADER – Dridex dropper

My second look at W97.DOWNLOADER – Dridex dropper. I performed it very quickly, late at night when my two devils (wife and son) were no longer active, with blurred eyes [in my personal isolated home-based AV lab ;-)]… sorry for any mistakes. The goal of my research was to get a better understanding of […]


W97M.Downloader – VBA Macro Downloader

I recently saw a spike in W97M.Downloader activity and decided to get more familiar with this threat. Note: the research has been performed outside working hours in my isolated personal home-based lab. I hope that you find it useful, since it shows how you could leverage Symantec Endpoint Protection (SEP) against similar […]
