Posts Tagged ‘Locky forensics’

2016-10-18

LockyDump – a tool for extracting configs from the Locky malware

Locky has continued to evolve since its inception in February 2016. This has made it difficult to track at times, due to changes in the way it is distributed as well as in various characteristics of the malware itself. The actors responsible for Locky have continuously attempted to improve operational security (OPSEC) with regard to the tracking of affiliates making use of the ransomware. This post will discuss a new Locky configuration extractor that Talos is releasing, which we are naming ‘LockyDump’. This is the first open source tool which can dump the configuration parameters used by all currently known variants of Locky, e.g. .locky, .zepto & .odin based [...]
