Solving convoluted problems, tutorials, write-ups & thoughts on security

An Analysis of Modified VeraCrypt binaries (Part 3)

Continuing and finishing on the analysis of the fake VeraCrypt Windows installer distributed on httx://vera-crypt[.]com, I am now reverse-engineering data.dll, which again tries to download another payload from a C2 server. Problem: the server is down. Instead, I’m focusing on recovering an old payload from the same malware family that I decipher from a PCAPContinue reading “An Analysis of Modified VeraCrypt binaries (Part 3)”


Something went wrong. Please refresh the page and/or try again.