🃏Joker@sh.itjust.works to Cybersecurity@sh.itjust.worksEnglish · 1 year agoKaspersky discovers new Ymir ransomware used together with RustyStealersecurelist.comexternal-linkmessage-square1linkfedilinkarrow-up116arrow-down11
arrow-up115arrow-down1external-linkKaspersky discovers new Ymir ransomware used together with RustyStealersecurelist.com🃏Joker@sh.itjust.works to Cybersecurity@sh.itjust.worksEnglish · 1 year agomessage-square1linkfedilink
minus-squareTheOneCurly@lemm.eelinkfedilinkEnglisharrow-up1·1 year ago Although the binary does not raise suspicions of being packed, as its entropy is not high enough, the presence of API calls to functions like malloc, memmove and memcmp indicates that it can allocate memory to perform malicious functions. Allocating memory is suspicious?
Allocating memory is suspicious?