Black Energy – Analysis

So today I wanted to do a blog post on Black Energy. The sample I will be working with was sourced from Hybrid Analysis here: https://www.hybrid-analysis.com/sample/39d04828ab0bba42a0e4cdd53fe1c04e4eef6d7b26d0008bd0d88b06cc316a81?environmentId=4. This particular piece of malware was used to target the networks used to control power grids and has been associated with the Sandworm Team, who used it to also … Continue reading Black Energy – Analysis

Basic Dynamic Analysis Pteranodon.bin – Gamaredon Group

So today I wanted to do a blog post on an executable (SHA-256: 408e38b4d81de63e5762dcb8024f81360b426429821f9934b087aa0a6b44c56f) that, in my research, has been tied back to the Gamaredon Group. I pulled it down from @0xffff0800's .onion website http://iec56w4ibovnb4wc.onion/Library/GamaredonGroup/. Thank you @0xffff0800 for sharing these samples with the community! A little background on who the Gamaredon Group is. According … Continue reading Basic Dynamic Analysis Pteranodon.bin – Gamaredon Group