Win32/Tilon - Page 2 - KernelMode.info

Re: Win32/Tilon

#25579 by R136a1
Sat Apr 04, 2015 9:08 am

Some new samples according to an article of Dr.Web:
http://news.drweb.com/show/?i=9345&lng=en

Hint came from EP_X0FF

Attachments

Yebot_Tilon_2015.zip

PW: infected
(4.12 MiB) Downloaded 73 times

Malware Reversing
http://www.malware-reversing.com

Username

R136a1

Rank

Forum Admin

Posts

272

Joined

Wed Jul 13, 2011 4:30 pm

Location

Netherlands

Re: Win32/Tilon

#25580 by EP_X0FF
Sat Apr 04, 2015 3:15 pm

Thanks for mention :)

In attach unpacked dropper. Notice UAC bypass method which is Leo Davidson concept another derivative which will work only for Windows 7 (unsure about original Windows 8 9200 I don't have it).

Attachments

dropper.rar

pass: infected
(150.56 KiB) Downloaded 55 times

Ring0 - the source of inspiration

Username

EP_X0FF

Rank

Global Moderator

Posts

4947

Joined

Sun Mar 07, 2010 5:35 am

Location

Russian Federation

Contact

Options
12 posts
Previous
1
2

Page 2 of 2
12 posts

Return to “Malware”

Display:

Sort by:

Jump to: