#18367 by cjbi, Thu Feb 28, 2013 5:42 am
Rootkit targeting Korean online card gamers.
3 droppers and payloads attached.

Very very short analysis:
Replaces userinit.exe.

Detailed analysis is not available yet.

Final payload:
Delphi-coded non-(b|r)ootkit PbBot :evil:

VirusTotal result(s):
Currently, rootkit driver only. I'm too lazy to upload. :twisted:
Most recent rootkit driver 10/46 https://www.virustotal.com/en/file/2822 ... 362028751/
Attachment (1.14 MiB), pw: infected