Some stuff about security..

DISCLAIMER: This blog is a set of personal notes I have decided to make public. Please, ignore any typo or language error

Thursday, May 10, 2018

qthelegend: the new Qrypter for Adwind

›
Since last December, when I blogged  the first time about Qrypter , I've been tracking Adwind malware using this service.  @abuse.ch  ...
Thursday, March 15, 2018

Inside Qarallax / Adwind / Qrypter leading to Tesla / HawkEye (part 1)

›
A few months ago I wrote about some Java RAT named QRypter (aka QRat or Qarallax) which is basically Adwind with some layers of obfuscation...
Saturday, March 3, 2018

The strange case of Adwind embedded in a MS-DOS file

›
A few days ago there was a malspam campaign mimicking one bank and delivering a PDF file and some DOC files exploiting CVE-2017-11882 ...
Wednesday, December 27, 2017

Qrypter Java RAT using Tor

›
Since the 16th of December, almost in a daily basis, I'm seeing a particular family of Java Remote Access using Tor.  The samples ...
‹
›
Home
View web version
Powered by Blogger.