markusg wrote:
Setup.exe
Payload set as critical system process (termination leads to BSOD).
http://virusscan.jotti.org/de/scanresul ... 9675334c11
UPX + DarkEyE crypter + UPX
Likely this DarkEyE skiddie crypter.
Primitive crapware, Backdoor:Win32/Fynloski.A, written in Delphi.
Features:
•Delayed Execution
•Inject in custom process
•Bypass UAC
•Hide File
•Persistence Critical Process
•Bypass KIS11
•U.S.G. (Unique Stub Generator)
•Process Mutex
•Obfuscator
•Binder
•Downloader
Attached: totally unpacked.
https://www.virustotal.com/file-scan/re ... 1302446215
Attachments
pass: malware
(240.09 KiB) Downloaded 74 times
Ring0 - the source of inspiration
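An added example for the "critical system process" point above; this is not code from the original post, from the crypter, or from the payload. It shows how a responder checks whether a running process carries the ProcessBreakOnTermination flag (PROCESSINFOCLASS 29, the flag that turns a kill into a bug check), clears it, and only then terminates the process. It assumes an elevated PowerShell session (SeDebugPrivilege is required to change the flag) and uses a hypothetical target image name in $TargetName.

```powershell
# Added example, not code from the original post or the crypter it describes.
# Assumptions: elevated PowerShell; $TargetName is a hypothetical image name.

$TargetName = 'Setup'   # hypothetical: image name of the dropped payload, without .exe

Add-Type -TypeDefinition @"
using System;
using System.Runtime.InteropServices;
public static class NtProc {
    [DllImport("ntdll.dll")]
    public static extern int NtQueryInformationProcess(
        IntPtr hProcess, int infoClass, ref int info, int infoLen, out int returnLen);
    [DllImport("ntdll.dll")]
    public static extern int NtSetInformationProcess(
        IntPtr hProcess, int infoClass, ref int info, int infoLen);
}
"@

# PROCESSINFOCLASS value for the "break on termination" (critical process) flag.
$ProcessBreakOnTermination = 29

function Get-CriticalFlag {
    param([System.Diagnostics.Process]$Proc)
    $flag = 0; $returned = 0
    $status = [NtProc]::NtQueryInformationProcess($Proc.Handle, $ProcessBreakOnTermination,
                                                  [ref]$flag, 4, [ref]$returned)
    if ($status -ne 0) { throw ('NtQueryInformationProcess failed: 0x{0:X8}' -f $status) }
    return [bool]$flag
}

function Clear-CriticalFlag {
    param([System.Diagnostics.Process]$Proc)
    $flag = 0   # writing 0 removes the critical mark
    $status = [NtProc]::NtSetInformationProcess($Proc.Handle, $ProcessBreakOnTermination,
                                                [ref]$flag, 4)
    if ($status -ne 0) { throw ('NtSetInformationProcess failed: 0x{0:X8}' -f $status) }
}

# Enable SeDebugPrivilege in this token; the set call is refused without it.
[System.Diagnostics.Process]::EnterDebugMode()

foreach ($proc in Get-Process -Name $TargetName -ErrorAction Stop) {
    if (Get-CriticalFlag $proc) {
        Write-Host ("PID {0} is marked critical; clearing the flag before killing it" -f $proc.Id)
        Clear-CriticalFlag $proc
        # Re-check: killing a still-critical process bug-checks the machine.
        if (Get-CriticalFlag $proc) { throw "flag still set on PID $($proc.Id); not killing" }
    }
    Stop-Process -Id $proc.Id -Force
    Write-Host ("PID {0} terminated" -f $proc.Id)
}
```

Run it only against the suspect image: csrss.exe, smss.exe, wininit.exe and similar Windows processes carry the same flag legitimately, and clearing it there is never wanted. The query half on its own is also a useful triage check, since a user-mode process outside that small set of system processes reporting the flag as set is suspicious in itself.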