Thursday, 10 August 2017

Serpent Ransomware Analysis

The new Octopus cryptolocker being an offspring of the Serpent/Zyklon/WildFire/HadesLocker families shows that .NET ransomware can be not an easy meat for a reverse engineer. It leverages several types of obfuscation, code encryption, and anti-debugging to protect its C# code from decompilation and analysis.

See our analysis in the Acronis blog. https://www.acronis.com/en-us/blog/posts/serpent-pretends-be-octopus-new-step-zyklon-ransomware-evolution

No comments:

Post a Comment