LockBit MacOS Malware Analysis
Important elements of the analysis: Introduction In the present analysis, a sample of LockBit (macOS variant) with hash abf01633960dd77c6137175a21fccf34 was considered. The artifact is developed in C++ and compiled with macOS SDK 11.3.0 with ARM architecture. Below is a detail of the hexadecimal code of the entrypoint address 10000b0d4: Malware assessment By examining the assembly […]
DISCOVER MOREReport: Wipers – Hackmageddon’s ultimate weapon
In the present analysis, some of the most widespread Wiper malware was considered. Important elements of the analysis: Recently, a new threat is posing a serious risk to the cybersecurity of companies and administrations around the world: these are “Wiper” malware, which are designed to erase data on infected computer systems, causing irreparable damage to […]
DISCOVER MOREPress release: Tinexta Cyber makes an exponential leap in cybersecurity with Google Cloud’s Chronicle
Milano, April 13th 2023 – Tinexta Cyber (Tinexta Group’s Cyber Business Unit) announced today a partnership with Google Cloud that will make more effective defense systems available on the market to deal with cyber threats. The agreement will allow the companies belonging to Tinexta Group’s cybersecurity unit, namely Corvallis, Swascan, and Yoroi, to access Google […]
DISCOVER MOREBeep Malware: static and dynamic analysis
Important elements of the analysis: Introduction In the present analysis, a sample of Beep malware with hash ab5dc89a301b5296b29da8dc088b68d72d8b414767faf15bc45f4969c6e0874e was taken in consideration. The threat in question has become rather well known within the security community due to the fact that it uses multiple and advanced anti-VM, anti-debugging, evasion, and anti-analysis techniques. The malware performs the […]
DISCOVER MORESwiftSlicer: Malware Analysis
Important elements of the analysis: Summary INTRODUCTION:……………………………….. 1 STATIC ANALYSIS:…………………………..2 DECOMPILING, DEBUGGING AND DYNAMIC ANALYSIS:……………………………24 References:……………………………42 IOCs.:………………………42 YARA Rule:…………………………..42 CONCLUSIONS:…………………………….42 INTRODUCTION: SwiftSlicer is a new wiper malware, developed by Russian cybercrime groups to attack Ukrainian targets, yet another cyberthreat element that goes hand in hand with the current geopolitical crisis between the two countries. It […]
DISCOVER MOREBlackCat Ransomware: analysis of the evolution of the threat
Important elements of the analysis: INTRODUCTION BlackCat is a ransomware gang of russian origin that began its cybercrime activities in November 2021. The specific sample under analysis was compiled on 23rd January 2023 and has some different characteristics compared to older BlackCat Ransomware samples. In detail, there is more attention paid to the use of […]
DISCOVER MORELockbit and Babuk Ransomware Data Leaks analysis
Intro: The evolution of ransomware over the last five years has certainly been characterised by an unprecedented rate of growth and innovation. The transformation of what were almost ‘artisanal’ and not particularly targeted operations into full-fledged online crime franchises has no comparison in this world’s (albeit recent) past. Towards the end of 2022, we witnessed a […]
DISCOVER MORESwascan partners with Cloudflare to enhance SoC services
Swascan partners with Cloudflare to enhance SoC services and bring Cloudflare One Zero Trust solutions to the Italian market Milan XXXX 2022 – Swascan, the innovative Cyber Security company, has announced a new go-to-market partnership with Cloudflare, Inc. (NYSE: NET), the security, performance, and reliability company helping to build a better Internet. The two companies […]
DISCOVER MOREMalware analysis: Babuk Ransomware (mathematical curve analysis)
In this analysis, the methodology and encryption/decryption algorithm used by a sample of Babuk Ransomware (Linux variant) were considered. Babuk originated in 2021, the gang also known as ‘Vasa Locker’. In April of that year, they had their highest moment of ‘fame’, when the group went so far as to threaten the Metropolitan Police Department […]
DISCOVER MORESilent ETH Miner Builder: Malware analysis
Author: Fabio Pensa In this analysis it has been taken into consideration the builder of a Silent ETH Miner sample, whichperforms mining operations and it does “process masking” techniques by pointing to terminate somespecific processes which, as we will see next, are related to Process Explorer, Process Hacker, TaskManager and Performance Monitor (to render more […]
DISCOVER MORE