Hi folks,
here are two samples of Backdoor.Batel, a small shellcode like dll file. Nothing special though, the technique is nearly identical to the one described here, except this time it's realized as a standalone dll: https://blog.cylance.com/operation-clea ... epad-files
PDB path string:
https://virustotal.com/en/file/001221d6 ... /analysis/
https://virustotal.com/en/file/1d9ded30 ... /analysis/
here are two samples of Backdoor.Batel, a small shellcode like dll file. Nothing special though, the technique is nearly identical to the one described here, except this time it's realized as a standalone dll: https://blog.cylance.com/operation-clea ... epad-files
PDB path string:
Code: Select all
Files:C:\Users\DNS\Documents\shellcode\BATLE_SOURCE\DLL_CRSS_DATA-KEY_10-02-2016\Release\32.pdbhttps://virustotal.com/en/file/001221d6 ... /analysis/
https://virustotal.com/en/file/1d9ded30 ... /analysis/
Attachments
PW: infected
(8.8 KiB) Downloaded 68 times
(8.8 KiB) Downloaded 68 times
Malware Reversing
http://www.malware-reversing.com
http://www.malware-reversing.com
