H1N1 malware

September 15, 2016

SECURITY

Protecting against the latest variant of H1N1

This is the third and final installment in our technical analysis of the H1N1 loader. In case you missed it, my colleague Josh Reynolds peeled apart the latest variant of H1N1 and analyzed its obfuscation tactics and techniques in the first blog, and in the second blog provides deep technical analys…

September 14, 2016

SECURITY

H1N1: Technical analysis reveals new capabilities – part 2

This is the second blog in a 3 part series that provides an in-depth technical analysis on the H1N1 malware. You can read the first entry here where I covered the evolution of H1N1, its infection vector and obfuscation techniques. This blog will provide an overview of its execution. H1N1 Execution E…

September 13, 2016

SECURITY

H1N1: Technical analysis reveals new capabilities

This blog is the first in a 3 part series that will provide an in-depth technical analysis on the H1N1 malware. I’ll be looking at how H1N1 has evolved, its obfuscation, analyzing its execution including new information stealing and user account control bypass capabilities, and finally exploring how…