Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Share Post: Reddit Facebook
Analysis of .NET Thanos Ransomware Supporting Safeboot with Networking Mode
#1
[Image: 6yKj7Ig.png]

Last week, FortiGuard Labs captured a new Thanos ransomware sample. This ransomware is being popularly advertised on the underground market as a Ransomware-as-a-Service (RaaS) tool.

This new Thanos ransomware variant allows attackers to generate customized payloads with a wide variety of features and options. In addition, this malware sample uses an unknown obfuscator. It also has the powerful capability of bypassing 37 different antivirus, anti-VM, anti-debugging, and anti-sandboxing applications. And it also can reboot an infected Windows 7 system in safeboot-with-networking mode to bypass detection by antivirus software.

More info HERE
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  REvil ransomware has a new ‘Windows Safe Mode’ encryption mode tarekma7 0 1,235 03-19-2021 , 01:25 PM
Last Post: tarekma7

Forum Jump:


Users browsing this thread: 1 Guest(s)