Information about two Windows variants of Derusbi malware
To follow up on the March report on the discovery of a 64-bit Linux variant of Derusbi used in the Turbo campaign, this post covers our analysis of two unique Windows variants of the Derusbi PGV_PVID malware.
To follow up on the March report on the discovery of a 64-bit Linux variant of Derusbi used in the Turbo campaign, this post covers our analysis of two unique Windows variants of the Derusbi PGV_PVID malware. Derusbi has been widely covered and associated with numerous Chinese cyber espionage actors, including the group known as C0d0s0 Team (aka Sunshop Group) and its watering-hole attacks using Forbes[.]com in 2014.