Search This Blog

Sunday, September 17, 2017

Deep Analysis of New Poison Ivy/PlugX Variant - Part II

This is the second part of the FortiGuard Labs analysis of the new Poison Ivy variant, or PlugX, which was an integrated part of Poison Ivy’s code. In the first part of this analysis we introduced how this malware was installed onto victim’s systems, the techniques it used to perform anti-analysis, how it obtained the C&C server’s IP&Port from the PasteBin website, and how it communicated with its C&C server.

https://blog.fortinet.com/2017/09/15/deep-analysis-of-new-poison-ivy-plugx-variant-part-ii

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.