Malware researcher reverse engineered a threat that went undetected for at least 2 years
Security Affairs
AUGUST 20, 2018
The Sample (SHA256: e5c67daef2226a9e042837f6fad5b338d730e7d241ae0786d091895b2a1b8681) presents itself as a JAR file. There is an interesting difference although, this stage builds up a new in-memory stage (let’s call Stage 4) by adding static GZIpped contents at the end of encrypted section (light blue tag on image).
Let's personalize your content