Episode Details
Back to Episodes
Malware Analysis Using Artificial Intelligence and Deep Learning
Published 10 hours ago
Description
Focusing on its unpacking process and reflective DLL loading techniques. Using tools like capa, IDA, and Hiew, researchers identified that the malware requires a specific command-line password to decrypt its malicious payload and initiate execution. The ransomware employs robust encryption standards, namely RSA-2048 and ChaCha, while actively terminating security and forensic processes to evade detection. Beyond its technical capabilities, the report highlights the group's extortion methods, which include a "Hall of Shame" website for leaking stolen data and a unique killswitch involving a specific Python file. Ultimately, the documentation underscores the malware’s sophisticated defense evasion and its operational similarities to the notorious Maze ransomware.
You can listen and download our episodes for free on more than 10 different platforms:
https://linktr.ee/cyber_security_summary
Get the Book now from Amazon:
https://www.amazon.com/Malware-Analysis-Artificial-Intelligence-Learning-ebook/dp/B08R3BT6JH?&linkCode=ll2&tag=cvthunderx-20&linkId=fd4234a2f7165e5f9c5cf70efc8de149&language=en_US&ref_=as_li_ss_tl
Discover our free courses in tech and cybersecurity, Start learning today:
https://linktr.ee/cybercode_academy
You can listen and download our episodes for free on more than 10 different platforms:
https://linktr.ee/cyber_security_summary
Get the Book now from Amazon:
https://www.amazon.com/Malware-Analysis-Artificial-Intelligence-Learning-ebook/dp/B08R3BT6JH?&linkCode=ll2&tag=cvthunderx-20&linkId=fd4234a2f7165e5f9c5cf70efc8de149&language=en_US&ref_=as_li_ss_tl
Discover our free courses in tech and cybersecurity, Start learning today:
https://linktr.ee/cybercode_academy