Reverse Engineer

May 28, 2020

SECURITY

Dynamic Data Resolver (DDR) — IDA Plugin 1.0 beta

1 min read

Executive summary: Static reverse-engineering in IDA can often be problematic. Certain values are calculated at run time, which makes it difficult to understand what a certain basic block is doing. If you try to perform dynamic analysis by debugging a piece of malware, the malware will often detect it and start behaving differently. Today, Cisco […]

March 8, 2017

THREAT RESEARCH

Crypt0l0cker (TorrentLocker): Old Dog, New Tricks

1 min read

Ransomware continues to be a plague on the internet and still stands as the fastest-growing malware family we have seen in the last several years. In this post we describe the technical details of a newly observed campaign of the notorious Crypt0l0cker (aka TorrentLocker or Teerac) ransomware. Crypt0l0cker has gone through a […]

February 23, 2017

SECURITY

Serenity Now! A better way to malware analysis.

2 min read

Over the last half decade the term sandboxing has become so pervasive that many customers I speak to have forgotten what it’s for! Sandboxing is a type of malware analysis – dynamic malware analysis to be exact. You execute a sample / file in a virtual environment and see what happens. There are numerous other types […]