Malware Analysis New Locky variant – Zepto Ransomware Appears On The Scene

splinter_code · Jul 7, 2016

New Locky variant – Zepto Ransomware Appears On The Scene

New threat dubbed Zepto Ransomware is spreading out with a new email spam campaign. It is a variant of the recent Locky Ransomware.

If you are interested in it you can read the full report here:

New Locky variant – Zepto Ransomware Appears On The Scene

JM Safe · Jul 7, 2016

Ransomwares are growing really fastly, I always recommend to beginners to install an antiransomware ASAP, especially who navigates a lot.

LabZero · Jul 8, 2016

Of course, NOP instructions and unconditional jumps are old but still valid techniques.

splinter_code · Jul 10, 2016

Klipsh said:
Of course, NOP instructions and unconditional jumps are old but still valid techniques.

I think that NOPing instrunctions are one of the most versatile way to fight binaries behaviors, but of course it could be useless against some kind of threat like self modifying code malware.

LabZero · Jul 11, 2016

splinter_code said:
I think that NOPing instrunctions are one of the most versatile way to fight binaries behaviors, but of course it could be useless against some kind of threat like self modifying code malware.

NOP instructions are related to the malware, when it's inserted "dead code" to change the malcode but not its functionality.
NOP is an instruction that doesn't have an impact on the execution of the malware routines, but it makes ineffective the detection through the extraction of hexadecimal strings.
The purpose is to trick the AV based on signature matching.

Search

Malware Analysis New Locky variant – Zepto Ransomware Appears On The Scene

splinter_code

Level 1

JM Safe

Level 39

LabZero

splinter_code

Level 1

LabZero

Similar threads