Analysis of an old Downloader

#20755 by R136a1
Mon Sep 09, 2013 8:52 am

Hi there,

my latest article about a downloader with "rootkit" capabilities:
http://thegoldenmessenger.blogspot.de/2 ... f-old.html

Samples attached.

Regards

PW: infected
(70.39 KiB) Downloaded 34 times

PW: infected
(39.93 KiB) Downloaded 34 times

Username

R136a1

Rank

Forum Admin

Posts

272

Joined

Wed Jul 13, 2011 4:30 pm

Location

Netherlands

#20756 by EP_X0FF
Mon Sep 09, 2013 9:55 am

This is variant of old Haxdoor lolkit. It suffered from bugs related to hooking as well (no WP bit clean, MP unfriendly etc). Unworkable junk.

Ring0 - the source of inspiration

Username

EP_X0FF

Rank

Global Moderator

Posts

4947

Joined

Sun Mar 07, 2010 5:35 am

Location

Russian Federation

Contact

Display:

Sort by:

Jump to: