In this article we will continue the analysis of the Eternity Project, this time we will have a look at the Eternity Worm, so let’s start… Artifacts: Eternity Worm Stage 1:

Introduction Anti-Reversing Techniques is very useful to protect your code especially if your business is depending on that code or what ever reason you might have to protect it from reversing or cracking, but in other case, Malware Authors tend to use anti reversing techniques to make the Process of Analyzing…

The Eternity Project is a malware toolkit sold as a malware-as-a-service (MaaS) that offers customize malware features beside the core functionalities, the threat actors distributes their service through an anonymous Tor marketplace and Telegram channels as “Eternity Group” . Each malware item in the toolkit is individually priced: Eternity Stealer…

In this article I tried to analyze this malware sample that I took from Malware Bazaar with Linux machine, but eventually I needed to use windows machine for debugging and disk analysis, so let’s begin. Sample: MD5:95bfd387a4105a2e940f3c50c5aa1069 SHA256:df81fe69de455d1aeceb00e4cd4702d94edf9ab917dede008b65d0f045d75baf General Info: Analyzing a windows malware sample on Linux machine statically, we could use many…

This is malware analysis write-up for FFDroider stealer malware which is a new malware that was first spotted in April 2022. Our sample of today: md5(b1d856afe8ffd2649843d64affe9d4c3) Static Analysis: Looking at our sample in PEStudio we can see it is a 32-bit sample with high entropy and recently compiled date and the file…

In this series of write-ups/articles of Malware analysis I will pick up a random sample from Malware Bazaar https://bazaar.abuse.ch/ , and I will Analyze it without knowing what it is, (BlackBox) approach. let’s begin… Our sample of today: md5(5846c3588fbcf6a5078b7a2413da0345).