Tribal Chicken

Security. Malware Research. Digital Forensics.


Part 2 of Monday Malware analysis #1: Zemot / Rerdom

Thomas White • 10 Apr 2014 • Tags: analysis, asprox, kuluoz, malware, rerdom, security, zemot

Update 20141010: Thanks to @herrcore [https://twitter.com/herrcore] for pointing out I had used the incorrect name for the malware. The name has now been updated. A few days ago I started looking at running some malware that was received by my email account via a phishing email. Monday Malware analysis: Zemot/Rerdom (Part 1)… read more

Monday Malware analysis #1: Zemot/Rerdom (Part 1)

Thomas White • 7 Apr 2014 • Tags: analysis, asprox, kuluoz, malware, rerdom, security, zemot

Apparently the Russians need me to “Appear in court”… Of course they kindly zipped the notice for me to save my bandwidth… not. I received this phishing email with an attachment the other day – in fact I have been receiving a few of this type lately, so I thought I would check it out. **Disclaimer: This… read more


About

I'm an Australian who does tech and security stuff. When not at my full-time job, I do independent DFIR / InfoSec / Malware research.

This site acts as an informal outlet for some of my personal work.

Most popular articles:

  1. Recovering BitLocker Keys on Windows 8.1 and 10: A brief touch on how the changes to BitLocker after
  2. Extracting FileVault 2 Keys with Volatility: This is a volatility plugin which can recover FileVault 2
  3. Automated Malware Analysis: mail server -> Cuckoo, V2.0: Quite some time ago I slapped together a couple of
  4. Hunting malware through memory analysis: A word of warning… Lots of screenshots in this post.

Disclaimer: The views expressed here are my own and do not necessarily reflect those of my current or past employers, affiliations, cats, etc.

Powered by: Ghost, Nginx and FreeBSD. Content powered by coffee. Ideas powered by beer, which you are welcome to donate if I've helped you.