search menu icon-carat-right cmu-wordmark

Archive: March 2019

API Hashing Tool, Imagine That

API Hashing Tool, Imagine That

• CERT/CC Blog
Kyle O'Meara

In the fall of 2018, the CERT Coordination Center (CERT/CC) Reverse Engineering (RE) Team received a tip from a trusted source about a YARA rule that triggered an alert in VirusTotal. This YARA rule was found in the Department of Homeland Security (DHS) Alert TA17-293A, which describes nation state threat activity associated with Russian activity. I believed this information warranted further analysis....

Read More