Tag: Malware

New TINYSHELL based Linux malware related to UNC5325

In June 2025, we discovered the dropper of a new TINYSHELL-based Linux malware. Because this malware has code overlapping with PITHOOK, reported to be used by UNC5325, we are confident that it is related to the UNC5325 attack campaign. UNC5325 is a suspected China-nexus espionage actor, reported to be exploiting a vulnerability in Ivanti Connect Secure (CVE-2024-21893) in...


Effective Malware Analysis using Unicorn

Unicorn is a QEMU-based CPU emulator framework presented at Black Hat USA 2015 (GitHub: unicorn-engine/unicorn, "Unicorn CPU emulator framework (ARM, AArch64, M68K, Mips, Sparc, PowerPC, RiscV, S390x, TriCore, X86)", https://github.com/unicorn-engine/unicorn). It is used for multiple purposes, such as malware analysis and fuzzing. Many binary analysts love it because it offers several advantages compared to other emulator frameworks. In this...


New Loader Executing TorNet and PureHVNC

Around May 2025, a ZIP file containing multiple files, including a newly discovered malware loader, was uploaded to VirusTotal. This loader had several characteristics not often seen in other malware loaders, such as its ability to execute two malware families (TorNet and PureHVNC) and its implementation of API hashing with MurmurHash2. In this article, we will share the information gained...
