This is the second part in a series of posts showing how we can use my unpack.py script to find quite a bit of useful information about a CryptoLocker variant. This post will analyse the unpacked payload that we found in part one.
Archives
All posts for the month March, 2016
My automated unpacking script (which really needs a sensible name!) is a few years old now, so I was interested to see how it would fare against malware that was developed after the script was written. That is, I wanted to answer the question ‘is my script still useful?’. It turns out it is still useful, and this post is the first of a few posts that aim to demonstrate why.