I recently got a bin of an interesting bot with a ring3 rootkit. I executed it on XP in VMware, and I cannot kill the process it injects into. Can someone do a brief analysis of what techniques it uses?
http://anubis.iseclab.org/?action=resul ... c290d02258
Attachments
infected
(121.17 KiB) Downloaded 299 times
Last edited by EP_X0FF on Tue Jun 04, 2013 3:45 am, edited 2 times in total.
Reason: renamed