Part Two in a multi-part series on holistic, multi-disciplinary analysis and reversing.
The last post, “Mutex Analysis: The Canary in the Coal Mine,” started off by showing how to use mutexes to discover malware that is difficult to locate with more traditional methods and tools. We used a live compromised system for the example, and the post came to a relatively abrupt end when it seemed that we had stumbled onto a new or unknown type of malware, or at least one that does not appear to have had any public exposure or analysis. This post is part 2 of that analysis.
This post has been moved to the “Forensics and Reversing” section of the website. I apologize for the inconvenience. Read the full article here.