We have been tracking suspicious botnet activity since January. During the analysis was confirmed doubts about killing Grum, one of the largest spamming botnets. For whole article click on the image bellow you will redirected to avast! blog.
When you are analysing a malware it is common thing that you have to defeat some layers of obfuscation and anti-debugging. I have decided to describe one part of analyzing interesting sample from past.
A lot of malware samples are encrypted so the first step is find the decrypted part of program. It is possible that there are some anti-debugging tricks. So running in the debugger will cause a crash. Continue reading