As you may have heard, a FinFisher malware sample recently leaked online. As I got a little free time today, I decided to take a look at it. The sample I'm going to analyze in this article is finfisher1.exe.bin:
MD5: 074919F13D07CD6CE92BB0738971AFC7
SHA: 9F9A18E81E9B39BD2F047004B8E3B4CB0FB505C9
So, at first glance, I noticed it's written in C++ and compiled using Visual Studio 2005. No packer/crypter/obfuscator has been used. So far, FinFisher's performance is disappointing.
More here: https://www.codeandsec.com/FinFisher-Malware-Dropper-Analysis