MABR 0x02 | DoubleTrouble | In The Core of the Ransomware
-
MABR 0x02 | DoubleTrouble | In The Core of the Ransomware
During the previous article, we saw the process of unpacking the first stage of the malware. Aside a fairly new anti-debugging technique and process hollowing, this step wasn’t hard. Now that we have successfully unpacked the first stage, let’s jump into it to see its main behaviour. I will try to be as consice as …
Read more about MABR 0x02 | DoubleTrouble | In The Core of the Ransomware
-
MABR 0x02 | DoubleTrouble – Analysis of STOP Ransomware & Vidar Stealer | Unpacking
Back to malware analysis, i recently decided to analyse a completely random sample (as long as it isn’t .NET lol) found on MalwareBazaar, this sample appears to be STOP ransomware.