ACCE Release Notes v1.8.20230124

This release consists of the following:

Recategorized LoopAddTS as DarkWire Crypter and added support for Crypter and Shellcode variants

Added support for Turian Backdoor

Added support for reported Turla malware

Added support for Silence Group malware

Continued kordesii conversions to dragodis/rugosa

ACCE Release Notes v1.8.20230105

Happy New Year! Please find our first release notes of the year below, with much more to come in 2023!

As a reminder, you can create an account on our Research ACCE instance to view the examples provided in the links.

ACCE Release Notes v1.8.20221220

As we continue adding support to ACCE, we wanted to provide more information about where our efforts are being directed, so we are starting a new series, dubbed “Release Notes”, that will correspond with new ACCE releases.

Each post will describe what the new release consists of, in terms of new or updated support, and will typically include links to example results on our Research ACCE instance.

Rapidly Evolving BlackMatter Ransomware Tactics

Cipher Tech analysts monitoring VirusTotal for BlackMatter ransomware activity discovered new variants of BlackMatter malware self-reporting as versions 1.9 and 2.0. The new BlackMatter malware samples contain additional functionality, changes to the configuration data, and version 2.0 additionally introduces changes to the configuration decryption algorithm. Cipher Tech analysts developed an ACCE module to automate the extraction of BlackMatter malware’s configuration data. Cipher Tech’s analysis reveals
