Quick “how-to-decode” this banking Trojan encoded string

Remember when you could figure out what bank was being targeted by a Brazilian banking Trojan just by running “strings” against it? Well, that was a while ago.

There’s this decode function widespread among most banking Trojan samples that I get my hands on, especially those written in Delphi.

Let’s take a look!

A random 2016 Brazilian Banking Trojan – Londer / jottvxz / Telax

“Brazil has a lot of banking Trojans” – is a sentence folks working in the AV industry might have said or heard quite a few times.

Well, here’s a quick analysis of a random Brazilian banking Trojan. Spoiler alert: it’s a mess.
