Deconstructing Zepto

A user at one of the locations I work at managed to get the Zepto ransomware in August. I finally got my hands on the files so I could take a look at them. Here’s what I found:

Tools I used: plasma, strings, objdump

PE file sections (via plasma): .text…