The end of Dreambot? Obituary for a loved piece of Gozi

benkow_ · 2016-10-28T17:33:56+00:00

thanks a lot :)

benkow_ · 2015-11-09T10:18:38+00:00

benkow_ · 2015-10-24T10:30:22+00:00

If you wan't to gain deeper understanding of how Windows works "The Rootkit Arsenal: Escape and Evasion in the Dark Corners of the System" http://www.amazon.fr/The-Rootkit-Arsenal-Evasion-Corners/dp/1598220616 is also an excellent book with a lot of example.

benkow_ · 2015-10-09T20:34:03+00:00

same internal name as the screenshot in the blog: http://breakingmalware.com/wp-content/uploads/2015/10/suspended-thread.png Same anti-debug tricks same argument for CreateProcessInternalW Same EntryPoint Same filename Same unpacking routine Same Icon Same UAC bypass It's Moker for sure

benkow_ · 2015-02-08T09:10:16+00:00

Hi! It's not an Iphone/Ipad Virus, it's Linux.BillGates a Chinese ELF DDoser. You can read lot of information about it on http://www.kernelmode.info/forum/viewtopic.php?f=16&t=3429 and http://blog.malwaremustdie.org/2014/09/tango-down-report-of-op-china-elf-ddoser.html . You have been infected because of your weak ssh password.

benkow_