Fresh yet another PbBot bootkit dropper.
Obvious Korean targeted malware is obvious.
Same purpose, but different code.
So I opened new post for this.
Dropper, payloads and MBR dump attached.
VirusTotal result(s):
mbr.bin 12/45 https://www.virustotal.com/file/259b99a ... 354543323/
KTX_1.exe.vir 14/45 https://www.virustotal.com/file/bc5a237 ... 354542280/
Obvious Korean targeted malware is obvious.
Same purpose, but different code.
So I opened new post for this.
Dropper, payloads and MBR dump attached.
VirusTotal result(s):
mbr.bin 12/45 https://www.virustotal.com/file/259b99a ... 354543323/
KTX_1.exe.vir 14/45 https://www.virustotal.com/file/bc5a237 ... 354542280/
Attachments
pass: infected
(2.59 MiB) Downloaded 110 times
(2.59 MiB) Downloaded 110 times