Category: Reverse

Taking your threat intelligence seriously

Unveiling Sharp Panda’s New Loader

Check Point recently published a report on Sharp Panda, mentioning an extension of its victimology as well as the use of a new dropper to deploy the 5.t framework. To avoid confusion with other vendors' naming, Check Point decided to rename Sharp Panda to Sharp Dragon. Associated in open sources with China, this intrusion set is mostly…

Analysis of Sarwent loader: Old ways die hard

A few days ago, I saw a tweet from malware C2 hunter Viriback (kudos for all your great work) mentioning the Sarwent loader. This malware appeared at least in 2018 and was notably used in a campaign reported by Talos using Amnesty International as a lure in 2021. Since I had never worked on this malware…