Search icon CANCEL
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Mastering Malware Analysis

You're reading from   Mastering Malware Analysis The complete malware analyst's guide to combating malicious software, APT, cybercrime, and IoT attacks

Arrow left icon
Product type Paperback
Published in Jun 2019
Publisher Packt
ISBN-13 9781789610789
Length 562 pages
Edition 1st Edition
Languages
Arrow right icon
Authors (2):
Arrow left icon
Alexey Kleymenov Alexey Kleymenov
Author Profile Icon Alexey Kleymenov
Alexey Kleymenov
Amr Thabet Amr Thabet
Author Profile Icon Amr Thabet
Amr Thabet
Arrow right icon
View More author details
Toc

Table of Contents (18) Chapters Close

Preface 1. Section 1: Fundamental Theory FREE CHAPTER
2. A Crash Course in CISC/RISC and Programming Basics 3. Section 2: Diving Deep into Windows Malware
4. Basic Static and Dynamic Analysis for x86/x64 5. Unpacking, Decryption, and Deobfuscation 6. Inspecting Process Injection and API Hooking 7. Bypassing Anti-Reverse Engineering Techniques 8. Understanding Kernel-Mode Rootkits 9. Section 3: Examining Cross-Platform Malware
10. Handling Exploits and Shellcode 11. Reversing Bytecode Languages: .NET, Java, and More 12. Scripts and Macros: Reversing, Deobfuscation, and Debugging 13. Section 4: Looking into IoT and Other Platforms
14. Dissecting Linux and IoT Malware 15. Introduction to macOS and iOS Threats 16. Analyzing Android Malware Samples 17. Other Books You May Enjoy

Later derivatives

At first, it is worth noting that not all Mirai modifications end up with a publicly known unique name; often, many of them fall under the same generic Mirai category. An example can be a Mirai variant that, in November 2016, propagated using the RCE attack against DSL modems via TCP port 7547 (TR-069/CWMP).

Here are some other examples of the known botnets that borrowed parts of the Mirai source code:

  • Satori (Japanese for comprehension, understanding): This exploits vulnerabilities for propagation, for example, CVE-2018-10562 to target GPON routers or CVE-2018-10088 to target XiongMai software.
  • Masuta/PureMasuta (Japanese for master): This exploits a bug in the D-Link HNAP protocol, apparently linked to the Satori creator(s).
  • Okiru (Japanese for to get up): This uses its own configurations and exploits for propagation (CVE-2014-8361 targeting Realtek SDK and CVE-2017-17215 targeting Huawei routers). It has added support for ARC processors.
  • Owari and Sora (Japanese...
lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at €18.99/month. Cancel anytime