Monthly Archives: July 2016

Yet another PDF/XDP Malware

Today we’re going to analyze yet another sample of a PDF containing an XDP form. The difference between this sample and the one in my previous post is that this one will be less about JavaScript deobfuscation and more about anti-analysis …

Posted in PDF, Profiler

Extracting C&C from Android Malware

Even though AndroRat (http://www.symantec.com/connect/blogs/remote-access-tool-takes-aim-android-apk-binder) has been around for eons and the source code was made available (https://github.com/DesignativeDave/androrat), there are many new ones popping up every day. Today I will walk you through how we can make Profiler work …

Posted in DEX, Profiler