Malware analysis Rannoh/Matsnu
Revision as of 14:09, 10 November 2012 by Eric.freyssinet (talk | contribs)
(Publication) Google search: [1]
Malware analysis Rannoh/Matsnu | |
---|---|
Botnet | Matsnu |
Malware | |
Botnet/malware group | |
Exploit kits | |
Services | |
Feature | |
Distribution vector | |
Target | |
Origin | |
Campaign | |
Operation/Working group | |
Vulnerability | |
CCProtocol | |
Date | 2012 / 001 |
Editor/Conference | Malware.lu |
Link | http://malware.lu/Pro/RAP001 malware rannoh matsnu 1.1.pdf malware.lu (PDF) (malware.lu (PDF) Archive copy) |
Author | Paul Rascagnères, Hugo Caron |
Type |
Abstract
“ The objective of the mission is to make a complete analysis of a ransomware called
Rannoh/Matsnu. The objective is to be able to understand how this ransomware works, to control if it is possible to recover files encrypted by the ransomware, reverse the communication protocol between the malware and the command & control and to understand the encryption algorithms.
Bibtex
@misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2012BFR1156, editor = {Malware.lu}, author = {Paul Rascagnères, Hugo Caron}, title = {Malware analysis Rannoh/Matsnu}, date = {Error: Invalid time.}, month = Error: Invalid time., year = {2012}, howpublished = {\url{http://malware.lu/Pro/RAP001_malware_rannoh_matsnu_1.1.pdf malware.lu (PDF)}}, }