Palo Alto Networks

419 Scam

NetWire and MITRE ChopShop

On August 4, Unit 42, the Palo Alto Networks threat intelligence team, released a tool to decrypt the traffic from a Remote Administration Tool (RAT) named NetWire (part of the NetWiredRC malware family).  For details of the encryption protocol used please see our earlier post here.

The previously released protocol decoder and parser was originally built as a stand-alone module. As part of Unit 42’s mission to contribute to the se...

Aug 25, 2014

Subscribe to Blogs!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.