Featured

TeamTNT Toolkit

Released tonight on VX-Underground was the toolkit TeamTNT used in their Chimaera campaign. Here’s an excerpt from VX-Underground:

The files we have received were scripts used by the group TeamTNT in their Chimaera campaign. This campaign has been discussed multiple times by various security vendors and researchers. TrendMicro discussed it here: https://www.trendmicro.com/en_us/research/21/c/teamtnt-continues-attack-on-the-cloud--targets-aws-credentials.html PaloAlto Unit42 discussed it […]


Trojan.XMRig Analysis

Example.exe
MD5 – 60d7e7d1522a81917dde26bb9b5f4260
SHA256 – 9017dc9b43b1e8442dd4d423bec02820fde2a0efef05dc81926762e0ff8f263c

I took a quick look at Malshare today and saw this interesting file named example.exe and I decided to analyze it. Let’s start with some static analysis. On Malshare, it was reported to have a UPX Packer YARA hit. I took a look at it in […]
