HZ Rat goes China - Following the tail of an unknown backdoor.
While we were walking down the Royal Road and hunting for malicious documents, one by-catch of our YARA rule caught our attention. It turned out we had found HZ Rat, a lesser-known Trojan. In this talk we share how we followed the tail of this backdoor, analyzed its functionality, uncovered the campaign, talked to multiple C2 servers and developed an unpacker.