[SANS ISC] Locking Kernel32.dll As Anti-Debugging Technique

[Edited: The technique discussed in this diary is not mine and has been used without proper citation of the original author] I published the following diary on isc.sans.edu: “Locking Kernel32.dll As Anti-Debugging Technique“: For bad guys, the implementation of techniques to prevent Security Analysts to perform their job is key! The idea is

[SANS ISC] Simple Powershell Ransomware Creating a 7Z Archive of your Files

I published the following diary on isc.sans.edu: “Simple Powershell Ransomware Creating a 7Z Archive of your Files“: If some ransomware families are based on PE files with complex features, it’s easy to write quick-and-dirty ransomware in other languages like Powershell. I found this sample while hunting. I’m pretty confident that this

1 2 3 4 18