Two new research papers released by Giuseppe Bonfa:
Worm.Win32.Zhelatin.pk Reverse Engineering
Abstract: In this paper (Worm.Win32.Zhelatin.pk Reverse Engineering) we will analyze, with a classical approach, the entire structure of Worm.Win32.Zhelatin.pk, from the pure infection starting with happy-2008.exe, which is a classical e-card malware spread through fake mails.
CartellaUnicaTasse.exe - An Italian Malware Reverse Engineering
Abstract: CartellaUnicaTasse.exe is an e-mail-spread malware that acts as a downloader agent for other malicious executable applications. Thanks to CUT.exe, a series of executables are downloaded and run on the victim user's machine. In this paper we will analyze, with a classical RCE approach, the entire structure of CartellaUnicaTasse, from the pure infection to the network point of view.