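Around May 2025, a ZIP file containing multiple compressed files, including a new, previously unobserved loader, was uploaded to VirusTot...| IIJ Security Diary
In our daily botnet analysis work, it is common to encounter various loaders. Compared to other types of malware, loaders are unique in that they are mainly used to "promote", i.e., download and run other malware on the infected machine. According to our observations, most loaders are| 360 Netlab Blog - Network Security Research Lab at 360
Around May 2025, a ZIP file containing multiple compressed files, including a new, previously unobserved loader, was uploaded to VirusTotal. As for this loader, two types of malware (To...| IIJ Security Diary
In our daily botnet analysis work, it is common to encounter various loaders. Compared with other kinds of malware, what makes loaders special is that they are mainly used to "promote", i.e., download and run other malware on the infected machine. According to our observations, most loaders are proprietary, and there is a binding relationship between them and the families they promote. A few loader families, however, turn themselves into general-purpose promotion platforms that can spread any other family, achieving so-called malware-as-a-service (MaaS). Compared with proprietary loaders...| 360 Netlab Blog - Network Security Research Lab at 360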
Peeling the layers of this polyglot loader| OALABS Research
Steganography is experiencing a revival as a wrapper for delivering payloads. In this post we'll go back to basics and show just how steganography can be applied to a PNG image using the common least significant bit (LSB) encoding technique. No magic... just raw information... and a little C++.| XPN InfoSec Blog
Shining a Light on the Hidden Tactics and Techniques Employed by DarkGate| Toxin Labs
After years of work, Mono can now be built out of the dotnet/runtime repository in a .NET 5-compatible mode! This mode means numerous changes in the available APIs, managed and embedding, as well as internal runtime behavioral changes to better align Mono with CoreCLR and the .NET ecosystem.| www.mono-project.com