The injustice invasion – Destructive Malware (28th Feb 2022)

Preface: No matter what your reasons are, children are victims!

Human nature: Human desires are infinite. We may meet some of our needs, but new ones will soon emerge. Thus, scarcity explains the relationship between having unlimited demand and the problems within it.

Security Focus: The malware, known as WhisperGate, has two stages that corrupts a system’s master boot record, displays a fake ransomware note, and encrypts files based on certain file extensions.

Malware contained destructive goal and special evasion method:

  1. They targets Windows devices, manipulating the master boot record, which results in subsequent boot failure. 
    PhysicalDrive0″, GENERIC_ALL, FILE_SHARE_READ | FILE_SHARE_WRITE
  2. Once the malware running under Anti-Debug, it can adjust its usual code execution path or modify the code to cause a crash, preventing analysts’ attempts to decipher it.
    The idea is to identify the machine code of some functions for 0xCC byte which stands for INT 3 assembly instruction.

God bless the children and the families of the victims – https://youtu.be/dzPmfaWXsvE

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.