Category Archives: English

Creating Volatility Linux Profiles (openSUSE)

1.) Install OS in your VM (e.g. openSUSE-13.1-DVD-x86_64.iso) 2.) Fingerprint OS and kernel 3.) Install Subversion in your VM and download Volatility 4.) Installing libdwarf-tools 5.) Creating the kernel data structures file using libdwarf-tools a) Install the following packages via …

Posted in English, Linux, Memory Forensics, Volatility

Creating Volatility Linux Profiles (Debian/Ubuntu)

Debian/Ubuntu: 1.) Install OS in your VM (e.g. ubuntu-13.10-desktop-amd.iso) 2.) Fingerprint OS and kernel 3.) Install Subversion in your VM and download Volatility 4.) Installing dwarfdump 5.) Creating the kernel data structures file using dwarfdump a) Creating vtypes b) Getting …

Posted in English, Linux, Memory Forensics, Volatility

Analysis of Android.Trojan.FakeSite.A aka Perkele

Intro: What is Perkele? Perkele is a crimeware kit used to generate Android trojans for monitoring and forwarding SMS messages containing mTANs. Perkele made a name for itself because it can be combined with any malicious code that executes webinject …

Posted in Android, Banking Trojan, English, Mobile Security

Analysis of Android.Zitmo-Urlzone

Intro: What is Android.Zitmo-Urlzone? Android.Zitmo-Urlzone is the mobile “add-on” for the banking trojan Urlzone. This app, known as a Zeus In The Mobile variant, steals incoming SMS messages and uploads them to the remote server. Its primary purpose is to …

Posted in Android, Banking Trojan, English, Malware Forensics, Mobile Security