Goblin Panda against the Bears

Behaviour of the malware
Anti emulation tricks
Anti emulation tricks verification
Call to the decryption loop
Config decryption loop
Persistence and loading agent
ComObject Adding
Infrastructure
RTFs content

Conclusion

Malwarist,Threat Huntist and pythonist / core dev of #yeti/ member of @ProjectHoneynet / co-organizer #BotConf / researcher

Sebdraven
