LockBit MacOS Malware Analysis 

Important elements of the analysis: Introduction. In the present analysis, a sample of LockBit (macOS variant) with hash abf01633960dd77c6137175a21fccf34 was considered. The artifact is developed in C++ and compiled with macOS SDK 11.3.0 with ARM architecture. Below is a detail of the hexadecimal code of the entrypoint address 10000b0d4: Malware assessment. By examining the assembly […]

Report: Wipers – Hackmageddon’s ultimate weapon

In the present analysis, some of the most widespread Wiper malware was considered. Important elements of the analysis: Recently, a new threat has been posing a serious risk to the cybersecurity of companies and administrations around the world: “Wiper” malware, which is designed to erase data on infected computer systems, causing irreparable damage to […]

Press release: Tinexta Cyber makes an exponential leap in cybersecurity with Google Cloud’s Chronicle

Milano, April 13th 2023 – Tinexta Cyber (Tinexta Group’s Cyber Business Unit) announced today a partnership with Google Cloud that will make more effective defense systems available on the market to deal with cyber threats. The agreement will allow the companies belonging to Tinexta Group’s cybersecurity unit, namely Corvallis, Swascan, and Yoroi, to access Google […]

Beep Malware: static and dynamic analysis

Important elements of the analysis: Introduction. In the present analysis, a sample of Beep malware with hash ab5dc89a301b5296b29da8dc088b68d72d8b414767faf15bc45f4969c6e0874e was taken into consideration. The threat in question has become rather well known within the security community because it uses multiple advanced anti-VM, anti-debugging, evasion, and anti-analysis techniques. The malware performs the […]

SwiftSlicer: Malware Analysis

Important elements of the analysis: Summary: Introduction; Static analysis; Decompiling, debugging and dynamic analysis; References; IOCs; YARA Rule; Conclusions. INTRODUCTION: SwiftSlicer is a new wiper malware, developed by Russian cybercrime groups to attack Ukrainian targets, yet another cyberthreat element that goes hand in hand with the current geopolitical crisis between the two countries. It […]

BlackCat Ransomware: analysis of the evolution of the threat

Important elements of the analysis: INTRODUCTION. BlackCat is a ransomware gang of Russian origin that began its cybercrime activities in November 2021. The specific sample under analysis was compiled on 23rd January 2023 and has some different characteristics compared to older BlackCat Ransomware samples. In detail, there is more attention paid to the use of […]

Lockbit and Babuk Ransomware Data Leaks analysis

Intro: The evolution of ransomware over the last five years has certainly been characterised by an unprecedented rate of growth and innovation. The transformation of what were almost ‘artisanal’ and not particularly targeted operations into full-fledged online crime franchises has no comparison in this world’s (albeit recent) past. Towards the end of 2022, we witnessed a […]

Swascan partners with Cloudflare to enhance SoC services

Swascan partners with Cloudflare to enhance SoC services and bring Cloudflare One Zero Trust solutions to the Italian market Milan XXXX 2022 – Swascan, the innovative Cyber Security company, has announced a new go-to-market partnership with Cloudflare, Inc. (NYSE: NET), the security, performance, and reliability company helping to build a better Internet. The two companies […]

Malware analysis: Babuk Ransomware (mathematical curve analysis)

In this analysis, the methodology and encryption/decryption algorithm used by a sample of Babuk Ransomware (Linux variant) were considered. Babuk, a gang also known as ‘Vasa Locker’, originated in 2021. In April of that year, they had their highest moment of ‘fame’, when the group went so far as to threaten the Metropolitan Police Department […]

Silent ETH Miner Builder: Malware analysis

Author: Fabio Pensa. This analysis considers the builder of a Silent ETH Miner sample, which performs mining operations and applies “process masking” techniques by aiming to terminate some specific processes which, as we will see next, are related to Process Explorer, Process Hacker, Task Manager and Performance Monitor (to render more […]
