Demystifying the Loncom Packer

Researchers at Kaspersky have released a technical analysis report detailing a malware packer named Loncom. This packer uses NSIS software for packing and loading shellcode and has been seen loading malware used by Advanced Persistent Threat (APT) groups. Microsoft’s Crypto API is used to decrypt the final payload. Through a series of exclusive-or (XOR)-based […]

The post Demystifying the Loncom Packer appeared first on Binary Defense.