Markov models: detecting malware through language recognition

Hi there, in this blog I’m going to give an introduction to the use of probability models for (written) language recognition to detect malware and demonstrate it with a .NET / PowerShell implementation of a Markov model. It’s not uncommon to encounter text that was generated randomly by malware. …

Hunting for Ransomware with PowerShell

This is part 2 of the series on remote IOC scanning with PowerShell. We left off with our script being able to scan remotely for the existence of files and registry keys. The limitation we had so far was that when we specified registry keys in the HKEY_CURRENT_USER hive …

How to remove CryptoLocker Ransomware

CryptoLocker is a file-encrypting ransomware that encrypts the personal documents found on the victim’s computer using an RSA-2048 key (AES CBC 256-bit encryption algorithm). CryptoLocker then displays a message offering to decrypt the data if a payment of 2.2330749 BTC (bitcoins; around 499 USD) is made within 96 hours, otherwise …