This week we've been busy hunting bugs and making improvements to the analysis pipeline of UnpacMe. In addition to maintenance work, we've updated several malware config extractors such as SmokeLoader, XLoader and VidarStealer.
This week we've also added an extractor for Asbit Downloader - a malicious loader which downloads and executes the Asbit Core Module - a Remote Access Trojan (RAT) that was first observed in 2021.
An example of the Asbit Downloader configuration extracted by UnpacMe is shown below.
If you have any issues or questions with the service, please feel free to reach out.