REvil Ransomware Malware Analysis
Blog 1. Overall Summary The REvil (also known as Sodinokibi) is a Ransomware-as-a-Service (RaaS). The first attack of REvil in the middle of April 2019, got huge attention from the Cyber Security world due to sharing many similarities with GandCrab Ransomware and the distribution techniques of ransomware they are using such as exploit kits, scan […]
LockBit 2.0 Ransomware Analysis
Blog 1 Executive Summary 1.1 Overview LockBit 2.0 is a Ransomware as a Service (RaaS), with an Affiliate program in place. Oftentimes, their binaries are cryptographically signed with valid, stolen certificates. LockBit Ransomware have some similarity with Maze Ransomware in UAC bypass techniques but Encryption Routine makes LockBit 2.0 so powerful and fast against other […]