A comprehensive analysis of one of the GreyEnergy malware’s infection techniques, a phishing email, from the maldoc to the custom packer and the final dropper (backdoor). The deepest reverse engineering is done on the packer. Two new tools were released to support further analysis of GreyEnergy.
GreyEnergy: Dissecting the Malware from Maldoc to Backdoor, Comprehensive Reverse Engineering Analysis
by Nozomi Networks Labs | Feb 12, 2019