The Malware Research team here at PC Pitstop has noticed a large number of hits on seemingly randomly-generated files in our research queue. Upon further investigation, it is apparent that these files are coming from Emotet Banking Trojan. In this post we will give a brief overview of the Trojan, how we detected it, and […]
PC Matic SuperShield Protects Customers from Emotet Banking Trojan Read More »
READ FIRST: Disclaimer – Malware can destroy data, damage your computer, cause your computer to damage other computers, steal information, or cause other harm to property and even life in the case of a system which is in control of some equipment or machinery. When analyzing malware, you must always do so on a machine
Running DLL Files for Malware Analysis Read More »
READ FIRST: Disclaimer – Malware can destroy data, damage your computer, cause your computer to damage other computers, steal information, or cause other harm to property and even life in the case of a system which is in control of some equipment or machinery. When analyzing malware, you must always do so on a machine
Unpacking Malware Part 2 – Reconstructing the Import Address Table Read More »
READ FIRST: Disclaimer – Malware can destroy data, damage your computer, cause your computer to damage other computers, steal information, or cause other harm to property and even life in the case of a system which is in control of some equipment or machinery. When analyzing malware, you must always do so on a machine
Debugging and Unpacking Malicious Software Read More »
In the anti-malware world, you may hear the term APT which is short for Advanced Persistent Threat. It sounds like a complicated buzzword. What is it really? Before we start talking about what an “advanced” persistent threat is, let’s just start with a plain ol’ persistent threat. In computer science, the term “persistence” is generally
What is an Advanced Persistent Threat (APT)? Read More »
A week ago, Lawrence Abrams at Bleeping Computer wrote about Locky ransomware now taking a 7z form. The PC Matic Research Team has seen this new form of Locky this past week. Like many other variants of Locky, the core components which make up the binary are very similar except for the encrypted file extension
Locky malware being distributed via 7z/script Read More »
When reading a technical analysis of malware, you will often hear of the term “hooking.” The term is rather confusing and even ambiguous in some cases and thus, in this article we will explain exactly what hooking is, the different types of hooking, and how it is used by malware. What is Hooking? Let’s start
ETERNALBLUE, DOUBLEPULSAR, Heartbleed…. Many of us have heard of these terms and possibly of their association with malware. However, the ecosystem and jargon can be confusing. How is ETERNALBLUE really related to WannaCry and Petya? What is the difference between an exploit and a malware to begin with? As a Malware Researcher, I’ve done deep
The High-Level Anatomy of a Malware Exploit Read More »
We’ve recently been covering scripting attacks in more detail on the Malware Research blog. These types of attacks have the ability to be completely fileless, as explained in a previous post. However, scripts also sometimes do come in files or accompany file-based malware. The new strain of Spora malware does just this. It uses a
Script Engines Being Used to Distribute New Strain of Spora Ransomware Read More »
Of course having PC Matic and PC Matic SuperShield installed will help stop threats in their tracks. Nonetheless, it is important to be educated in order to help avoid problems and PC Pitstop also believes in providing our customers with not just a quality anti-malware solution, but training as well. Let’s take a look at
Avoid these Deceptive Malware Tricks Read More »