[xors]

Hi all,

I am trying to find the following sample. Hope someone can download it from Virustotal.

SHA256: 4bfe2216ee63657312af1b2507c8f2bf362fdf1d63c88faba397e880c2e39430

[Xylitol]

in attachment

[EP_X0FF]

http://www.sekoia.fr/blog/wp-content/up ... V-v1.6.pdf

[MindfreaK]

Interesting paper. Does somebody know when the binary was found ?
Or can somebody provide vt link?
Does somebody know where the name Sednit comes from ?

[Bogdan-Mihai]

Interesting paper. Does somebody know when the binary was found ?
Or can somebody provide vt link?
Does somebody know where the name Sednit comes from ?

https://virustotal.com/en/file/4bfe2216 ... /analysis/

[EP_X0FF]

2016 is the year when primitive and badly written 32bit SSDT hooker is an advanced persistent threat. Does clowns from Cymmetria already posted about it? I've heard their main clown blahblah something to CNN (how funny trash "security analyst" speaking on trash media).

[xors]

Just for curiosity. Can someone also provide the following sample?

b1900cb7d1216d1dbc19b4c6c8567d48215148034a41913cc6e59958445aebde

It's the x86 driver.

[Antelox]

Just for curiosity. Can someone also provide the following sample?

b1900cb7d1216d1dbc19b4c6c8567d48215148034a41913cc6e59958445aebde

It's the x86 driver.

BR,

Antelox