Malware analysis Rannoh/Matsnu

From Botnets.fr
Revision as of 14:09, 10 November 2012 by Eric.freyssinet

Botnet Matsnu
Date 2012 / 001
Editor/Conference Malware.lu
Link http://malware.lu/Pro/RAP001_malware_rannoh_matsnu_1.1.pdf (malware.lu, PDF; archive copy)
Author Paul Rascagnères, Hugo Caron

Abstract

The objective of the mission is to make a complete analysis of a ransomware called Rannoh/Matsnu. The objective is to understand how this ransomware works, to check whether it is possible to recover files encrypted by the ransomware, to reverse the communication protocol between the malware and the command & control, and to understand the encryption algorithms.

Bibtex

 @misc{2012BFR1156,
   editor = {Malware.lu},
   author = {Paul Rascagnères and Hugo Caron},
   title = {Malware analysis Rannoh/Matsnu},
   year = {2012},
   howpublished = {\url{http://malware.lu/Pro/RAP001_malware_rannoh_matsnu_1.1.pdf}},
 }