AdWind

MuddyWater: Binder Project (Part 1)

May 1, 2021May 7, 2021

According to Lab Dookhtegan, which you migth remeber him/their from HERE, HERE and HERE, Binder is a project related to IRGC cyber espionage group build for trojenize google apps (APK). The application “trojenization” is a well-known process which takes as input a good APK and a code to inject (a RAT, for example). The system […]

Interesting hidden threat since years ?

August 20, 2018January 9, 2019

Today I’d like to share the following reverse engineering path since it ended up to be more complex respect what I thought. The full path took me about hours work and the sample covers many obfuscation steps and implementation languages. During the analysis time only really few Antivirus (6 out of 60) were able to […]