Rig Exploit Kit – Vidar Behavioral Analysis

Today I wanted to do a quick behavioral analysis of Vidar. This particular piece of malware I downloaded from https://www.malware-traffic-analysis.net/2019/01/10/index2.html, and it is part of the Hookads campaign that is using the Rig Exploit Kit to push Vidar. So let's get started... What I will be doing is fairly straightforward. I will first set up my … Continue reading Rig Exploit Kit – Vidar Behavioral Analysis

Basic Dynamic Analysis Pteranodon.bin – Gamaredon Group

So today I wanted to do a blog post on an executable, SHA-256: 408e38b4d81de63e5762dcb8024f81360b426429821f9934b087aa0a6b44c56f, that, in my research, has been tied back to the Gamaredon Group. I pulled it down from @0xffff0800's .onion website http://iec56w4ibovnb4wc.onion/Library/GamaredonGroup/. Thank you @0xffff0800 for sharing these samples with the community! A little background on who the Gamaredon Group is. According … Continue reading Basic Dynamic Analysis Pteranodon.bin – Gamaredon Group