This report provides new insights into the Shamoon 2.0 and StoneDrill attacks, including: 1. The discovery techniques and strategies we used for Shamoon and StoneDrill. 2. Details on the ransomware functionality found in Shamoon 2.0. This functionality is currently inactive but could be used in future attacks. 3. Details on the newly found StoneDrill functions, including its destructive capabilities (even with limited user privileges). 4. Details on the similarities between malware styles and malware components’ source code found in Shamoon, StoneDrill and NewsBeef.