Threat Research

    Recent changes to HeartCrypt-packed malware include a shift in how the malware payload is hidden. Previously, the position-independent code (PIC) was stored in the PE file's resource data, but now the payload is hidden in two separate files disguised as BMP images. These files contain a fake BMP header, followed by junk data, an XOR key, and XOR-encrypted data....
    "Crypted Hearts: Exposing the HeartCrypt Packer-as-a-Service Operation" explores a new malware protection service called HeartCrypt, which has been in development since July 2023 and started offering its services in February 2024. HeartCrypt allows cybercriminals to pack malware into legitimate files, making it harder to detect....