A forum for reverse engineering, OS internals and malware analysis
rough_spear wrote:
> Hi All, :D
> Necurs rootkit aka Bubik/Bubnix.
> Dropper -
> ...
> rough_spear.

Oh, no... Bublik it's not Bubnix or Necurs, it's an absolutely different malware.

rkhunter wrote:
> rough_spear wrote:
> > Hi All, :D
> > Necurs rootkit aka Bubik/Bubnix.
> > Dropper -
> > ...
> > rough_spear.
>
> Oh, no... Bublik it's not Bubnix or Necurs, it's an absolutely different malware.

But this malware puts its driver in Boot Bus Extender driver group.
BTW which malware is this?

rough_spear wrote:
> rkhunter wrote:
> > rough_spear wrote:
> > > Hi All, :D
> > > Necurs rootkit aka Bubik/Bubnix.
> > > Dropper -
> > > ...
> > > rough_spear.
> >
> > Oh, no... Bublik it's not Bubnix or Necurs, it's an absolutely different malware.
>
> But this malware puts its driver in Boot Bus Extender driver group.
> BTW which malware is this?

...it's Necurs, but not a Bublik. And btw, why you think that Necurs is a Bubnix?

EP_X0FF wrote:
> Bublik is a data stealing trojan, Bubnix is usually Rustock (however this is generic name describing different families of malware that uses drivers to block/prevent removal) and Necurs is not rootkit but driver agent - part of FakeAV "self-protection". Posts moved.

Thanks EP_X0FF,