Home > Knowledge Centre > infostealer
FormBook

FormBook Malware Returns: New Variant Uses Steganography and In-Memory Loading of multiple stages to steal data

  • Rumana Siddiqui / 5 years
  • 0
  • 9 min read

Quick Heal Security Lab has seen a sudden increase in dotnet samples which are using steganography. Initially, in the static analysis, not much information is available. It resembles some simple application going by the method name. On the dynamic side, some show the activity but another check for sandboxing environment. Apart from this, even on […]

STOP (Djvu) Ransomware: Ransom For Your Shady Habits!

  • Jayesh kulkarni / 6 years
  • 0
  • 11 min read

With almost 200 extensions, STOP (djvu) ransomware can be said to be 2019’s most active and widespread ransomware. Although this ransomware was active a year before, it started its campaign aggressively in early 2019. To evade detection, it has been continuously changing its extensions and payloads. For earlier infections, data recovery was easier if the […]

Deep analysis of AZORult – The information exfiltrator

  • Preksha Saxena / 7 years
  • 0
  • 6 min read

While the current focus in the cyberspace is on Ransomware and Cryptominers there are other prevalent threat actors silently making their way into victim’s machine in order to comprise it for malicious purpose. During the daily threat hunting task,Quick Heal Security labs came across a blocked URL by Quick Heal’s URL categorization cloud feature. Further […]

Infostealer Campaign detected in the wild

  • Sakshat Karkare / 10 years
  • 0
  • 2 min read

Quick Heal Threat Research Lab has recently observed an active cybercrime campaign designed to steal user info. The campaign has been noticed to make use of three keyloggers (malicious software that records information entered by a user on their computer keyboard) iSpy logger, Predator logger and Knight Logger. These software are easily available on the […]