Technical Papers

This section is dedicated to papers that are based on experiments and practice of germane issues regarding security. Some of these papers have been presented at International security seminars and technical conferences. The range of papers are aimed at system administrators, security specialists or academicians interested in understanding the issues.

Decryptme Ransomware

With an increase in ransomware built in the .NET framework, this ransomware adds file extensions containing the “DecryptMe” string. We will discuss here more about the DecryptMe Ransomware, which does not leave any footprint to identify itself.

Threat Intelligence

Threat intelligence has been evolving as a term for a decade, but how is it preventing data breaches? This paper highlights how Threat Intel can help companies identify the threats impacting their business.


The Darkside ransomware attack campaigns stood out for their use of stealthy techniques, especially in the early stages. Because of its potential impact, we detail here the mechanisms used by the ransomware so that security teams can better assess thei

Deconstructing RansomExx aka Defray777 Ransomware – Memory run fileless malware
RansomExx is a ransomware family that targeted multiple companies in the past years. It is a Trojan-based ransomware strain that uses email as its delivery method. This paper highlights the detailed analysis, processes, and prevention techniques to be saf
The Evolution of Fake Apps

The rapid surge in FakeApps on Android Platforms has been a problem point, for both, Google as well as its consumers. Find out The various channels through which FakeApps enter users' phones.

The Complete story of EMOTET

Emotet started as a banking trojan but this paper will shed light on how it has also become a "threat distributor". We will also discuss server-side and client-side activity and how it spreads.

EternalBlue - A Prominent Threat Actor of 2017-2018

This Technical paper outlines the usage of the Fuzzbunch exploit framework, details of MS17-010 patch, and insights into the EternalBlue exploit and DoublePulsar payload.

Android Accessibility
Android Accessibility Features is an all-new way to have a conversation. Designed for people with disabilities, the features are a boon making digital media accessible with just a tab. Read the whitepaper to know more about how to leverage the security fe
Quick Heal's Web Filtering Service
Quick Heal’s Web Filtering Service provide the most effective way to block access to unwanted content and protect users against web-based threats using real-time, Deep learning-based intelligence. Read our Whitepaper to know more.
Behaviors based detection for files infectors

The proliferation of complex and sophisticated malware requires more than the current heuristic detections that are used by traditional anti-virus software. This paper is an insightful take on the need for behavior-based detection for file infecting vi

Introduction to malware and malware analysis

This paper systematically gives an introduction to the varieties of samples that come under the scope of malware, their distinguishing features, prerequisites for malware analysis and an overview of the malware analysis process.000


Web Browser Sandboxing: Security Against Web Attacks

The evolution of web attacks and their vulnerabilities, the need for a ‘Sandbox’ environment and its progress were the topics that were studied and presented in this paper.




Automated Malware (mis)Classification and Challenges

This paper talks about Quick Heal’s study regarding Anti-Malware and Automated Malware Classification. It also discusses the preventive measures against Automated Malware.