Monthly Archives: May 2017

2017-5-25 | md5:8e45887c903dc0bf3178403c58547eb3 | стандартплюс.рф | xn--80aal3ahogdhcf0m.xn--p1ai sends Russian Shade Ransomware Malware Analysis and Unpacking

Hello shit lords, I have decided to create a new more technical post on Shade Ransomware from a very recent sample. The malware developers went through great lengths to encrypt their traffic using Tor SSL as well they used multiple … Continue reading

Posted in Ransomware | Tagged , , , , , , | Leave a comment

WannaCry WanaDecrypt0r Analysis

#Analysis# Please note this analysis is only really on WanaDecrypt0r and not the dropper known as ​ diskpart.exe. When WannaCry is executed on the target machine a hidden folder is created in the current users directory containing the following files: … Continue reading

Posted in Ransomware | Tagged , , , , , | Leave a comment