With the express written permission of the author, here is an excellent paper, "A Detailed Analysis of an Advanced Persistent Threat Malware", and the corresponding malware sample, which you can reverse engineer by following the step-by-step explanation by the author, Frankie Li (http://espionageware.blogspot.com/), from vxrl.org (Valkyrie-X Security Research Group).
Another great analysis from the same group of another CHM file can be found here: Evidence of Advanced Persistent Threat: A Case Study of Malware for Political Espionage (paper for IEEE 6th International Conference on Malicious and Unwanted Software (Malware 2011)).
Do you wonder if your sample is APT or just crimeware? Use their Xecure Deezer, an APT identification engine.
Thanks for sharing your knowledge of malware. Pardon my bad English.
a greeting
Love you.
@Anonymous I will assume you mean Frankie
Mila, Yeah, thanks for posting! I really enjoyed the report. I’ve already bookmarked this article.