In this example, REVEN is used, through its integration with Volatility and IDA, to detect indicators of compromise, analyze the dropping mechanisms, and circumvent the tricks the Uroburos malware uses to hide itself.
The starting point of this analysis is a 50-second record of the Uroburos dropper executed from the desktop on Windows 7 x64 SP1.
Analysis: https://blog.tetrane.com/2019/Analysis-Uroburos-Malware-REVEN.html