It’s every malware analyst’s dream to be handed a sample which is, so far, unnamed by the AV community - especially when the malware in question may have links to a well-known APT group.
In my line of work I analyse several ‘unknown’ malware samples a week, but often it turns out that they are simply new variants of existing malware families. Recently I was fortunate enough to be handed something that not only had a low detection rate but, aside from heuristics, seemed to be relatively unknown to the top 40 anti-virus companies.
In this post I will walk you through the malware family we’ve dubbed “OrcaRAT”.
More here: http://pwc.blogs.com/cyber_security_updates/2014/10/orcarat-a-whale-of-a-tale.html