Results for banking trojan

Threat Research

A Deep Dive Into IcedID Malware: Part I - Unpacking, Hooking and Process Injection

Learn more about IcedID, a banking trojan that performs web injection on browsers and acts as a proxy to inspect and manipulate traffic. This is part one of a three-part series.

By Kai Lu | July 09, 2019

Threat Research

IcedID & Trickbot: A Give-and-Take Relationship

FortiGuard Labs recently caught one of Trickbot’s C2 (Command and Control) servers sending commands to its victims that instructed its bots to download what turned out to be an updated variant of the IcedID banking Trojan.

By Floser Bacurio Jr. | July 25, 2018

Threat Research

What's cooking? Dridex’s New and Undiscovered Recipes

Because of the recent outbreak of the Locky ransomware, Dridex has become synonymous with the distribution of ransomware more generally. However, Dridex is still taking good care of its notorious original business – banking Trojans. While preparing the materials for my upcoming HITBAMS2016 talk on Kernel Exploit hunting and mitigation, I came across this new variant of Dridex (SHA1: 455817A04F9D0A7094038D006518C85BE3892C99), which is rather interesting. The Master of Antivirus Killers: Based on some simple string checks, we assumed...

By Wayne Chin Yick Low | March 23, 2016