New version of Chinoxy backdoor using COVID19 alerts document lure

5 years of Chinoxy implementation

  *(byte *)(uVar1 + param_1) =
    *(byte *)(uVar1 + param_1) ^
    ((&DAT_1001a278)[uVar3] ^ (&DAT_1001a284)[uVar2]) & 0x27 ^ (&DAT_1001a284)[uVar2];

Threat Intelligence Consideration

IOCs:


Malwarist, Threat Huntist and pythonist / core dev of #yeti / member of @ProjectHoneynet / co-organizer #BotConf / researcher

Sebdraven
