I got some stuff wrong on encryption too. We live and learn!!
Don't worry mate, I haven't noticed that Lol
Living up to his name "Opcode"... dissecting things to opcode level
May I ask how/where I can begin to learn such dissecting? Or, for example, yesterday's batch of samples consisted of a .lnk which launches PowerShell. Just wondering how, and with what steps, to dissect this file, for example.
Thanks!!!!
I am no "professional" with malware analysis, far from it haha - look at all the mistakes I made today hahaha. Enough about me now.
As for your question.... Some popular Anti-Virus vendors have written about LNK files and PowerShell, here are some links you might find useful for research:
A Rising Trend: How Attackers are Using LNK Files to Download Malware - TrendLabs Security Intelligence Blog
Improved scripts in .lnk files now deliver Kovter in addition to Locky
Windows Shortcut File or .LNK Files Sneaking In Malware
I wish you luck my friend, and I am sure you will become a great malware analyst!!