Saturday, November 1, 2008

Giuseppe Bonfa - A new research member at EvilFingers

Two new research papers released by Giuseppe Bonfa:



Worm.Win32.Zhelatin.pk Reverse Engineering


Abstract: In this paper (Worm.Win32.Zhelatin.pk Reverse Engineering) we will analyze, with a classical approach, the entire structure of Worm.Win32.Zhelatin.pk from the pure infection starting with happy-2008.exe, which is a classical e-card malware spread through fake mails.



CartellaUnicaTasse.exe - An Italian Malware Reverse Engineering Study


Abstract: CartellaUnicaTasse.exe is malware spread by e-mail that acts as a downloader agent for other malicious executable applications. Thanks to CUT.exe, a series of executables are downloaded and run on the victim user's system. In this paper we will analyze, with a classical RCE approach, the entire structure of CartellaUnicaTasse from the pure infection to the network point of view.

- EF
