Carbon Black Threat Research Dissects Red Leaves Malware, Which Leverages DLL Side Loading - VMware Security Blog - VMware
At the beginning of April, Carbon Black Threat Research began analyzing a malware variant commonly referred to as Red Leaves, which appears to have code reuse from the PlugX family. During the last month, this malware family has been referenced in several security blogs and government