Andromeda (W32/Kryptik.AX!tr) - analysis of the malware
h-Ash (hasherezade) <hasherezadeoppl> Saturday, August 24 2013 16:12.12 CDT


The object of the analysis is a cryptor of MMS malware (called W32/Kryptik.AX!tr by Fortinet, aka Andromeda).
The malware appeared a few months ago in Poland. It has various mutations, carrying various payloads.
In this document, I will explain the common elements and mechanisms used in the cryptor.
Link:
http://hasherezade.net/malware/andromeda
