Downloaders and droppers play a vital role in web – the functioning of the ecosystem. They are often used for a number of exploits, and they are effective in providing a wide menu of malware, including ransomware, banking trojans, thieves credentials, etc.
Thus, we bring to your attention an article that covers four key points, such as:
1. Delivery. SmokeLoader This sample was taken from Sundown Exploit Kit. A feature of the smoke loader program family – support program add-ons that extend the standard capabilities of malware.
2. Crypter. Crypter normally works in three stages.
3. Command and control. This embodiment performs SmokeLoader POST, containing RC4 encrypted data to one of its C2 URL-addresses, which it holds on the board.
4. Review of MNCs. You can enjoy an overview of MNCs. Thus it can be seen that can be used to detect SmokeLoader.
Loaders and other delivery systems usually hide their payloads using various techniques. This article discusses the methods that should be observed with greater frequency in the coming years.
More.
