SecurityHome.eu VirTool:MSIL/Biresso.A!plock

Home / malware PDF

VirTool:MSIL/Biresso.A!plock

First posted on 01 June 2016.
Source: Microsoft
Aliases :
There are no other names known for VirTool:MSIL/Biresso.A!plock.
Explanation :
This is an obfuscator used by many different malware families.

The malicious code is encrypted and hid in the ressource section of the malware file as a bitmap file.

The file's code displays a large list of functions with meaningless names, and most of the file is considered "garbage code", which uses a lot of heavy functions to make the file large and appear complex.

The malware is decrypted and loaded by the obfuscator when it is run.

Analysis by Duc Nguyen
Last update 01 June 2016

TOP

Malware :

RATDispenser
whispergate
Borat RAT
Trojanized X_Trader
BlackLotus

Last 20

Family:

VirTool:MSIL/Biresso.A!plock