February 27, 2017 by Malwarebytes Labs
Co-authored by Hasherezade and Jérôme Segura.
In this blog post we will cover a recent version of the multi-purpose Neutrino Bot (AKA Kasidet) which ironically was distributed by an exploit kit of the same name. Earlier in January this year, we had described Neutrino Bot that came via spam so we won’t go over those details again, but instead will focus on an interesting loader.
Anti VM detection is complemented by multiple layers hiding the actual core which made extraction of the final payload a bit of challenge.
Full Article
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.